Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-39293 (GCVE-0-2021-39293)
Vulnerability from cvelistv5 – Published: 2022-01-24 00:00 – Updated: 2024-08-04 02:06
VLAI
EPSS
Summary
In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:41.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220217-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220217-0009/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"
},
{
"name": "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-39293",
"datePublished": "2022-01-24T00:00:00.000Z",
"dateReserved": "2021-08-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T02:06:41.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-39293",
"date": "2026-05-29",
"epss": "0.00039",
"percentile": "0.12038"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-39293\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-01-24T01:15:07.920\",\"lastModified\":\"2024-11-21T06:19:08.180\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.\"},{\"lang\":\"es\",\"value\":\"En archive/zip en Go versiones anteriores a 1.16.8 y 1.17.x versiones anteriores a 1.17.1, un encabezado de archivo dise\u00f1ada (designando falsamente que hay muchos archivos presentes) puede causar un p\u00e1nico en NewReader o OpenReader. NOTA: este problema se presenta debido a una correcci\u00f3n incompleta de CVE-2021-33196\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.16.8\",\"matchCriteriaId\":\"ACE9470C-C34A-49D6-892D-FDDF8D39D64E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.17.0\",\"versionEndExcluding\":\"1.17.1\",\"matchCriteriaId\":\"E60B4986-2002-4864-939D-F28B4C1E61EC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_insights_telegraf:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7E26C3B-E416-49D6-B296-33CD93694D39\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/dx9d7IOseHw\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220217-0009/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/g/golang-announce/c/dx9d7IOseHw\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20220217-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2022:0655
Vulnerability from csaf_redhat - Published: 2022-02-28 20:49 - Updated: 2026-03-20 01:26Summary
Red Hat Security Advisory: OpenShift Container Platform 4.9.23 bug fix and security update
Severity
Low
Notes
Topic: Red Hat OpenShift Container Platform release 4.9.23 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.9.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.23. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2022:0654
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html
Security Fix(es):
* golang: archive/zip: malformed archive may cause panic or memory
exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s)
listed in the References section.
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.23-x86_64
The image digest is sha256:1c13f0926c37c122eb5c86afd754c007f38977c8fc32d7da090490f556945afd
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.23-s390x
The image digest is sha256:24e3fcc5f5f28df01668ad412afbc002a110709da52803fe19d6e1ef785fa654
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.23-ppc64le
The image digest is sha256:4be36ad64852e2f241b78a3481474cd2cf124da8ec2d9263edf4264bfbc8c7f4
All OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available
at https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64 | — |
Vendor Fix
fix
|
Known not affected
78 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64 | — |
Threats
Impact
Low
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.9.23 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.9.23. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHBA-2022:0654\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nSecurity Fix(es):\n\n* golang: archive/zip: malformed archive may cause panic or memory\nexhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.23-x86_64\n\nThe image digest is sha256:1c13f0926c37c122eb5c86afd754c007f38977c8fc32d7da090490f556945afd\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.23-s390x\n\nThe image digest is sha256:24e3fcc5f5f28df01668ad412afbc002a110709da52803fe19d6e1ef785fa654\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.9.23-ppc64le\n\nThe image digest is sha256:4be36ad64852e2f241b78a3481474cd2cf124da8ec2d9263edf4264bfbc8c7f4\n\nAll OpenShift Container Platform 4.9 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:0655",
"url": "https://access.redhat.com/errata/RHSA-2022:0655"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1996751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996751"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2014003",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014003"
},
{
"category": "external",
"summary": "2038406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038406"
},
{
"category": "external",
"summary": "2040530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040530"
},
{
"category": "external",
"summary": "2040594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040594"
},
{
"category": "external",
"summary": "2050271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050271"
},
{
"category": "external",
"summary": "2050911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050911"
},
{
"category": "external",
"summary": "2052307",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052307"
},
{
"category": "external",
"summary": "2052553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052553"
},
{
"category": "external",
"summary": "2052710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052710"
},
{
"category": "external",
"summary": "2052929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052929"
},
{
"category": "external",
"summary": "2053149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053149"
},
{
"category": "external",
"summary": "2053581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053581"
},
{
"category": "external",
"summary": "2054139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054139"
},
{
"category": "external",
"summary": "2054608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054608"
},
{
"category": "external",
"summary": "2055100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055100"
},
{
"category": "external",
"summary": "2056631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056631"
},
{
"category": "external",
"summary": "2056638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056638"
},
{
"category": "external",
"summary": "2056826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056826"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0655.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.9.23 bug fix and security update",
"tracking": {
"current_release_date": "2026-03-20T01:26:12+00:00",
"generator": {
"date": "2026-03-20T01:26:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2022:0655",
"initial_release_date": "2022-02-28T20:49:34+00:00",
"revision_history": [
{
"date": "2022-02-28T20:49:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-02-28T20:49:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-20T01:26:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.9",
"product": {
"name": "Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.9.0-202202160239.p0.gf48b8d2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"product": {
"name": "openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"product_id": "openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli-alt-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"product": {
"name": "openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"product_id": "openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"product": {
"name": "openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"product_id": "openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.9.0-202202230318.p0.g8d748bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"product": {
"name": "openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"product_id": "openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-deployer\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"product": {
"name": "openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"product_id": "openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.9.0-202202160527.p0.g932d502.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"product": {
"name": "openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"product_id": "openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"product": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"product_id": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts-alt-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"product_id": "openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"product": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"product_id": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-baremetal-operator-rhel8\u0026tag=v4.9.0-202202161517.p0.gfb8cc3f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"product_id": "openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"product": {
"name": "openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"product_id": "openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"product_id": "openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-base\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"product_id": "openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-maven\u0026tag=v4.9.0-202202160918.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-12-rhel8\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"product_id": "openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.9.0-202202161218.p0.gb64dc34.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"product": {
"name": "openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"product_id": "openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-must-gather\u0026tag=v4.9.0-202202160527.p0.gb181f1f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"product_id": "openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.9.0-202202230509.p0.ged0b846.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.9.0-202202230509.p0.gdaa0798.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"product": {
"name": "openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"product_id": "openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-tools-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.9.0-202202160239.p0.gf48b8d2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"product": {
"name": "openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"product_id": "openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli-alt-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"product": {
"name": "openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"product_id": "openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"product": {
"name": "openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"product_id": "openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.9.0-202202230318.p0.g8d748bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"product": {
"name": "openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"product_id": "openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-deployer\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"product": {
"name": "openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"product_id": "openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.9.0-202202160527.p0.g932d502.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"product": {
"name": "openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"product_id": "openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"product": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"product_id": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts-alt-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"product_id": "openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"product": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"product_id": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-baremetal-operator-rhel8\u0026tag=v4.9.0-202202161517.p0.gfb8cc3f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"product_id": "openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"product": {
"name": "openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"product_id": "openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-base\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-maven\u0026tag=v4.9.0-202202160918.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-12-rhel8\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"product_id": "openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.9.0-202202161218.p0.gb64dc34.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"product": {
"name": "openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"product_id": "openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-must-gather\u0026tag=v4.9.0-202202160527.p0.gb181f1f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"product_id": "openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.9.0-202202230509.p0.ged0b846.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.9.0-202202230509.p0.gdaa0798.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"product": {
"name": "openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"product_id": "openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-tools-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.9.0-202202160239.p0.gf48b8d2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"product": {
"name": "openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"product_id": "openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"product": {
"name": "openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"product_id": "openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.9.0-202202230318.p0.g8d748bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"product": {
"name": "openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"product_id": "openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-deployer\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"product": {
"name": "openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"product_id": "openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.9.0-202202160527.p0.g932d502.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"product": {
"name": "openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"product_id": "openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"product_id": "openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"product": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"product_id": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-baremetal-operator-rhel8\u0026tag=v4.9.0-202202161517.p0.gfb8cc3f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"product_id": "openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"product": {
"name": "openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"product_id": "openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"product": {
"name": "openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"product_id": "openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-base\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"product": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"product_id": "openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-maven\u0026tag=v4.9.0-202202160918.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-12-rhel8\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"product_id": "openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.9.0-202202161218.p0.gb64dc34.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"product": {
"name": "openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"product_id": "openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-must-gather\u0026tag=v4.9.0-202202160527.p0.gb181f1f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"product_id": "openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.9.0-202202230509.p0.ged0b846.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.9.0-202202230509.p0.gdaa0798.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"product": {
"name": "openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"product_id": "openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38?arch=arm64\u0026repository_url=registry.redhat.io/openshift4/ose-tools-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"product_id": "openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-monitoring-operator\u0026tag=v4.9.0-202202160239.p0.gf48b8d2.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"product": {
"name": "openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"product_id": "openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli-alt-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"product": {
"name": "openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"product_id": "openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"product": {
"name": "openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"product_id": "openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-console\u0026tag=v4.9.0-202202230318.p0.g8d748bd.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"product": {
"name": "openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"product_id": "openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-deployer\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"product": {
"name": "openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"product_id": "openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tests\u0026tag=v4.9.0-202202160527.p0.g932d502.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"product": {
"name": "openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"product_id": "openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"product_id": "openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-baremetal-installer-rhel8\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"product": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"product_id": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts-alt-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"product": {
"name": "openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"product_id": "openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cli-artifacts\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"product": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"product_id": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-baremetal-operator-rhel8\u0026tag=v4.9.0-202202161517.p0.gfb8cc3f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"product": {
"name": "openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"product_id": "openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer-artifacts\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64",
"product": {
"name": "openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64",
"product_id": "openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-installer\u0026tag=v4.9.0-202202212240.p0.g4391c01.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"product_id": "openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-base\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"product_id": "openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-maven\u0026tag=v4.9.0-202202160918.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-12-rhel8\u0026tag=v4.9.0-202202160527.p0.gaf84740.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"product": {
"name": "openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"product_id": "openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-machine-config-operator\u0026tag=v4.9.0-202202161218.p0.gb64dc34.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"product": {
"name": "openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"product_id": "openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-must-gather\u0026tag=v4.9.0-202202160527.p0.gb181f1f.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"product": {
"name": "openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"product_id": "openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.9.0-202202230509.p0.ged0b846.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"product": {
"name": "openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"product_id": "openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ovn-kubernetes\u0026tag=v4.9.0-202202230509.p0.gdaa0798.assembly.stream"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64",
"product": {
"name": "openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64",
"product_id": "openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-tools-rhel8\u0026tag=v4.9.0-202202160527.p0.g5035cc3.assembly.stream"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x"
},
"product_reference": "openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x"
},
"product_reference": "openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64"
},
"product_reference": "openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le"
},
"product_reference": "openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x"
},
"product_reference": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le"
},
"product_reference": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64"
},
"product_reference": "openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le"
},
"product_reference": "openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le"
},
"product_reference": "openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64"
},
"product_reference": "openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x"
},
"product_reference": "openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64"
},
"product_reference": "openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64"
},
"product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64"
},
"product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x"
},
"product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le"
},
"product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le"
},
"product_reference": "openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64"
},
"product_reference": "openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x"
},
"product_reference": "openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64"
},
"product_reference": "openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le"
},
"product_reference": "openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x"
},
"product_reference": "openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64"
},
"product_reference": "openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64"
},
"product_reference": "openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64"
},
"product_reference": "openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64"
},
"product_reference": "openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le"
},
"product_reference": "openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x"
},
"product_reference": "openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64"
},
"product_reference": "openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64"
},
"product_reference": "openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64"
},
"product_reference": "openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64"
},
"product_reference": "openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x"
},
"product_reference": "openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64"
},
"product_reference": "openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le"
},
"product_reference": "openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64"
},
"product_reference": "openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le"
},
"product_reference": "openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64"
},
"product_reference": "openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x"
},
"product_reference": "openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64"
},
"product_reference": "openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x"
},
"product_reference": "openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x"
},
"product_reference": "openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64"
},
"product_reference": "openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le"
},
"product_reference": "openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64"
},
"product_reference": "openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le"
},
"product_reference": "openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64"
},
"product_reference": "openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x"
},
"product_reference": "openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64 as a component of Red Hat OpenShift Container Platform 4.9",
"product_id": "8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64"
},
"product_reference": "openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-02-28T20:49:34+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.9/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:0655"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:04ab8bcbcc7f3eb67b308c204c615d462341a5ed957cde3d201f290880dbe5cf_arm64",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:136fe9d026cd073204a70ca41735c3985821132132c6efb4552a007d263ec077_ppc64le",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:957a1e03022763253ef997eca1d0b99b8493e08d9809fb686621a51e9ce4455f_amd64",
"8Base-RHOSE-4.9:openshift4/network-tools-rhel8@sha256:dd5b3aa54338a9bccd44c7f232d71ebf22a780b234059c6c029b73ec144c595e_s390x",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:534671733716fef83d3be834255d3521f8eda3b3d684024d5bc1d888414233a3_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:5468caef290a4834c82d4961725145a0c6762ae95a264314219f7367ecabc1b2_amd64",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:d6c9607fc5911858a2fcc18172c924465ee4c08e8abc9c77dd3e4518936806a6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-baremetal-installer-rhel8@sha256:daa5d19be2897ce9f376cb0b618c49548b177abbf81716036ba389d2227a4bc6_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:0cbf9b87b05eb82ef6d98b86b216f6cb5bb81b783c264b314c377ca5a93b9e57_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:86935754535e107ef5b1d53e417df76289f1d8aaaa53b4e2235e8715fdcaf58e_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-alt-rhel8@sha256:f10e561835226d4a583617e874b8530d8f751d8081e4fd5a79cb4996ba681db0_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:751df5c377d228f76205ca7a500c23316a65291b8a852fbb2c7ef48084190d7d_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:7ceeb47e089d26d3da8f6445dc67440e90daf2b41829a5fdfba82001b39cf571_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts-alt-rhel8@sha256:a681352e23bfd7b4bf92be081212ca9e26258544679bbc31ba438f50d952980f_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:00b0d6373a81da5578916ec91e0790193ab1aa245831f00488741b9770429a83_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:35a26908f9a5fdc68a7a0254563a2dd35cedb74404bc49f0ad362fdcc642d7a1_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:4e9eef03d52d7b1bce8e5ca946f487198e191ec77676aaa3b386416df9257304_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli-artifacts@sha256:cef5172682d679a4cd241642fe8e34277cd9201c3762698d984da5819831d087_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:4522ddf917d1b704edb693980ec439d4a45a838963e1f89b2d75f1d451ee5350_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:696940caa4be2f7c94c5e145946faa49f616f0a2b10fe14a8612cdcc69d97b33_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:978dfb76e92331565eb1590e7e3d3ad25bfcbdaad9c20f72cba6e43b6a0920cd_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cli@sha256:efa64b42b83eb0a9ee46bbcab301d1e088646671d0d4d5339c3a75872e8550d0_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:57a7ba8dd6a91ecb3b1b4288f887d35dc23cefc4c407af0526b146ab6162702f_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:594e537093806ee6e79224a923a0d28dcc25ec180d9a560044c13d5c760bc807_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:5ff6f7852ad8f01a3f70a7891d811d4cf8e3de64de9bc4a813f1d6a8c7fd90d2_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cluster-baremetal-operator-rhel8@sha256:e1bbd53fcda2722e44fbec0ee923f839e8cf5ea6e38f3cc973589a0d23ef87c4_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:1df87098b0736f61212ab55146ec3e22419a5dde87d40d514f5d24614e5c9529_amd64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:37800a9c1017dacab96ed52727b3bfa90b965fd5712abfa5fdadabb21c7cfa66_arm64",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:e0c9378ba2d9fe82250af4c5b53b3e760934482298e55cc1bf41973835a869b4_s390x",
"8Base-RHOSE-4.9:openshift4/ose-cluster-monitoring-operator@sha256:fc832e18a75b0eee2442859dfadf24145b316c3f7966cdbd295bc03f58fbcacc_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:31e84a9e54116daefd2c9828e449e5647d9bb12230a19b7b2267ffd74b78964d_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:3f6cd675aab05ae85d7635a88bf9c48df7df83b192f80b1091a6417027813db5_arm64",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:aec5c00e62393d2d679dae57cd925fde5904016a0350952d2de5f3e1025bd4f6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-console@sha256:b5db91f6f71958d2275967ccf5753bfe6f50396a463b02567a307235fbb76f07_amd64",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:3e84917a7bab503493b592b7224c9d3876e570a9fd1777dbf9e5ae20de297494_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:624896e504b4a672507e9f04ed77c63732666704543349568dd71842e9c63111_s390x",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:8a163dfa65b43d2eae1a05d18b62c04f312d3c660f77103b799fa3f41555252d_arm64",
"8Base-RHOSE-4.9:openshift4/ose-deployer@sha256:cf21d3e3078b96feba08d2ddc6efb9eaaef3a25510a2a94cd60d8a7cf7ae8742_amd64",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:12fd09b8b8c19fa13801cbd7cd0cb96b427c2a28d2a32dc4fd4813aef45b3515_amd64",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:4020e11d899387f19ec6a872f2edaa482c97bc38da44dfe7e581044cf86eb163_s390x",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:54f2b53fc0dcbae47b64cdbabb8d2e599a901e803abde5e35f9cfa072449218e_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-installer-artifacts@sha256:ae1861a551d075c2b020663f4e50e91ceacae40030f497bab0e8874fa06a02b7_arm64",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1d418a5550c3a42102958325d2dc0cd85924379282118ec8ddae5768c149eb57_arm64",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:1e9ec7bb9041f78635f72ea89dca762a38d4bdad9cc8570fb2ef5eda23da6afb_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:35be67fafb191febf3ef5f5e8616994634cc3eac3437c19ac624c62c7b49dcb6_s390x",
"8Base-RHOSE-4.9:openshift4/ose-installer@sha256:75bc8e0526fbfc0b0d26d438dad823578f7f7de19f2d9174761d5d516dcda870_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:242b04468a65f8089a534387d110f5271d5f15390d0c30bee10eb7e3662d921a_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:2e41303b5abe66877ef6eda7d8495cdbdd517ac10eebac1879d2288ee5e1a7e6_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:3323779fe21126062eabf1e5240739e62139131424129e73b19f7c32ed1cb71c_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-base@sha256:66185f53f7f0d74961837f5f5bee90ebd5a969513a3dbc9e4b64bcc538dbf977_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:02ede27ec4455daac0542dc78299cb655b60d0d604eec22af50ae0f75c48154e_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:21c005009ff61ca1c3e815e0ea8c676c53a2b1a0cbb4f9c83ee9eec7781d76a4_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:92ec94b8d98ac498251164556a1c82907ea5c0fba1921711288313daa2c913f5_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-maven@sha256:d7af7115a138cb027b98bf74a7d481881d165d97cc12c1ce858de5783aed7eac_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:0c464a1271728040b8b3e1906c00087e8d0706670539a9c20d189aa7e1d63b1b_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:7b7c083f4e3405971db7c63b4f0a5695a93276b551b8433ca9a1b492a7b8bd4e_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:bf1de74c675ef000f1b273b450419f3b36a9cda6fa77e06712ab5fc2438081b7_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:c91e236a0d9b7f0d6951d524081d35d939c5a4226b5dd9e94d8a9f46f888c781_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:12f98757b8287346947848187beeeb088b8258717fc0fdf6bf0001df256d380f_amd64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:a057a1e9876f279119c17afbedae76c880e310e75e05dc09409bb8b13ce914a9_s390x",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:cd66e0e1e4d3f1c33929fde11bf6cfed478ea756e884377ebab10a21c55ae345_arm64",
"8Base-RHOSE-4.9:openshift4/ose-jenkins@sha256:f85902b08c5e23d55b509f87b6fd01729e034f670ac6076f2e4bc9230ca58606_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:10c600a9e5d935d693ee595d543c81a9f292d6ea2620895af36030c6c2945da4_arm64",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:81c6212317b80fa4c557c2252eabf3de5b749b8ccf23b684163006071aab0746_s390x",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:8ae56ad719ee0b1ac8fea5063c2cf6c7005810159c6b4de8c4bfdeb69ecdf594_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-machine-config-operator@sha256:d756358cb57fc61e6f826bbd9e7ea98a369ad463737ce7ba26bca6e50d31f03d_amd64",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:00f49651c52fa685f62409975791be1b3690e5b36fb95f437a24eac89efbdcf1_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:81e85b5b7dcc68a4561e810570493b1e859e27294a4a3192afd77d2764c990fe_amd64",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:c21cf2548fb1ac39c636b04d507c1e6e86e77ec050449f853a4b82663e6af8d0_s390x",
"8Base-RHOSE-4.9:openshift4/ose-must-gather@sha256:da47acb4ac4c86d8ec19ec35aaa64ff84277e0d646f8e6d13c05b80c1c826f6b_arm64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:5bfcec0a606f688876224433a48c039e1ece8e2d41647134db5b09c7abdac701_amd64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:61aec5d4bccb68ec425cabfbaa3add71ef9354391386bfc599f5b837e8ac3a19_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:73bc212a2b46ba476033019791bd7cacaf3fadcd605601e1640a983742cf64c4_arm64",
"8Base-RHOSE-4.9:openshift4/ose-ovn-kubernetes@sha256:db48699a9131b5540b6e8de8d848bebfff30c2b0dc38205fc1693f5b80a0476c_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:12f90a7589521f3b5dbf5715c752edbeaffb22bfd78e16fbd7d184e6330cb58e_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:733d3576f8be767339e3dbf57a4b299f4e92ba9c743bcd023ebc3f1dd8afdae7_arm64",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ad0d18551e63a10efac7fff782411d16b1d37c93dacf7ad18ba784688301016b_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-tests@sha256:ccb0ee33ba896e16943a9e1a0cb99db32d04f9ae1ce36c86359b179898de6438_amd64",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:33b059ab267a08737bab66a42c42f64d034e9417c8f6caee095cefabfb54c067_ppc64le",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:53d678e29da02476da7b1c38fb8acfa598fcdbb2e4861ecdabe52c03720f6f38_arm64",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:56dee78fa02bb2941c15568995448158561a4e30a1d578479efeb76e349fc4ec_s390x",
"8Base-RHOSE-4.9:openshift4/ose-tools-rhel8@sha256:f222e8e4a4e99fea5548b95381e026807dd64beb272376e454c10b9f5b17861b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
RHSA-2022:1819
Vulnerability from csaf_redhat - Published: 2022-05-10 14:02 - Updated: 2026-05-15 02:19Summary
Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update
Severity
Moderate
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: Command-line arguments may overwrite global data (CVE-2021-38297)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
* golang: debug/macho: invalid dynamic symbol table command can cause panic (CVE-2021-41771)
* golang: archive/zip: Reader.Open panics on empty string (CVE-2021-41772)
* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)
* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)
* golang: crypto/elliptic IsOnCurve returns true for invalid field elements (CVE-2022-23806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. This vulnerability can only be triggered when invoking functions from vulnerable WASM (WebAssembly) Modules. Go can be compiled to WASM. If the product or service doesn't use WASM functions, it is not affected, although it uses golang.
9.8 (Critical)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho standard library (stdlib) and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice (array) causing a panic when calling ImportedSymbols. An attacker can use this vulnerability to craft a file which causes an application using this library to crash resulting in a denial of service.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.
7.5 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.
7.1 (High)
Affected products
Fixed
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: Command-line arguments may overwrite global data (CVE-2021-38297)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\n* golang: debug/macho: invalid dynamic symbol table command can cause panic (CVE-2021-41771)\n\n* golang: archive/zip: Reader.Open panics on empty string (CVE-2021-41772)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)\n\n* golang: crypto/elliptic IsOnCurve returns true for invalid field elements (CVE-2022-23806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:1819",
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2012887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012887"
},
{
"category": "external",
"summary": "2014704",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014704"
},
{
"category": "external",
"summary": "2020725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020725"
},
{
"category": "external",
"summary": "2020736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020736"
},
{
"category": "external",
"summary": "2053429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
},
{
"category": "external",
"summary": "2053532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
},
{
"category": "external",
"summary": "2053541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1819.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-15T02:19:57+00:00",
"generator": {
"date": "2026-05-15T02:19:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2022:1819",
"initial_release_date": "2022-05-10T14:02:26+00:00",
"revision_history": [
{
"date": "2022-05-10T14:02:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-10T14:02:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-15T02:19:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=src\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src (go-toolset:rhel8)",
"product_id": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=src\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src (go-toolset:rhel8)",
"product_id": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=src\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=noarch\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=s390x\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=s390x\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=s390x\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.7.2-1.module%2Bel8.6.0%2B12972%2Bebab5911?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.17.7-1.module%2Bel8.6.0%2B14297%2B32a15e19?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8060020220221035359:76a129d7"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.6.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-38297",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2012887"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. This vulnerability can only be triggered when invoking functions from vulnerable WASM (WebAssembly) Modules. Go can be compiled to WASM. If the product or service doesn\u0027t use WASM functions, it is not affected, although it uses golang.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: Command-line arguments may overwrite global data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Although this flaw has a higher CVSS score, in a strict sense, the flaw could possibly enable code exec, either Red Hat products don\u0027t use WASM, or don\u0027t expose WASM functions in a way that makes code exec possible. For this reason, the Red Hat impact for this flaw is Moderate.\n\n* Because the flawed code is not actually used in Service Telemetry Framework1.3, no update will be provided at this time for STF\u0027s sg-core-container.\n\n*For a WASM Module to be vulnerable, it needs to be built using GOARCH=wasm GOOS=js (build options for WebAssembly).\n\n*CVE-2021-38297 is a vulnerability that affects Go (golang). It has been fixed in versions 1.17.2 and 1.16.9.\n\n*CVE-2021-38297 does not affect the OpenShift Container Platform (OCP) because it does not build anything with GOARCH=wasm GOOS=js. Hence, OCP-based services are not affected either.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-38297"
},
{
"category": "external",
"summary": "RHBZ#2012887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2012887"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38297"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A",
"url": "https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A"
}
],
"release_date": "2021-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: Command-line arguments may overwrite global data"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
},
{
"cve": "CVE-2021-41771",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2020725"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho standard library (stdlib) and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice (array) causing a panic when calling ImportedSymbols. An attacker can use this vulnerability to craft a file which causes an application using this library to crash resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: debug/macho: invalid dynamic symbol table command can cause panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Service Telemetry Framework, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41771"
},
{
"category": "external",
"summary": "RHBZ#2020725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020725"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41771"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0fM21h43arc",
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
}
],
"release_date": "2021-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: debug/macho: invalid dynamic symbol table command can cause panic"
},
{
"cve": "CVE-2021-41772",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2021-11-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2020736"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Reader.Open panics on empty string",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s sg-core-container.\n\n* Because Red Hat Ceph Storage only uses Go\u0027s archive/zip for the Grafana CLI and thus is not directly exploitable, the vulnerability has been rated low for Red Hat Ceph Storage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41772"
},
{
"category": "external",
"summary": "RHBZ#2020736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020736"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41772"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0fM21h43arc",
"url": "https://groups.google.com/g/golang-announce/c/0fM21h43arc"
}
],
"release_date": "2021-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Reader.Open panics on empty string"
},
{
"cve": "CVE-2022-23772",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053532"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23772"
},
{
"category": "external",
"summary": "RHBZ#2053532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString"
},
{
"cve": "CVE-2022-23773",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053541"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23773"
},
{
"category": "external",
"summary": "RHBZ#2053541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control"
},
{
"cve": "CVE-2022-23806",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 are affected because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having a Moderate security impact. The issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7; hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16 \u0026 1.17), will not be addressed in future updates as shipped only in RHEL-7, hence, marked as Out-of-Support-Scope.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.\n\nThe vulnerability lies in the crypto/elliptic: IsOnCurve taking in negative and invalid forms of data input and resulting in a panic, the resulting invalid data input is also resulting in data sinks in other functions such as marshall that handle elliptic curve cryptography by converting points on an elliptic curve into a binary format for storage or transmission and scalarmult which provides scalar multiplication, all three function takes in invalid forms of data and results in a crash, although the main culprit being isoncurve function, considering the attack complexity being high as the data that reaches the vulnerable function could already be stripped of negative sign and the resultant successful exploitation only leading to a panic/crash the vulnerability has been rated as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23806"
},
{
"category": "external",
"summary": "RHBZ#2053429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-10T14:02:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:1819"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debuginfo-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:delve-debugsource-0:1.7.2-1.module+el8.6.0+12972+ebab5911.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:go-toolset-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.src::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.aarch64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.ppc64le::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.s390x::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-bin-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-docs-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-misc-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-race-0:1.17.7-1.module+el8.6.0+14297+32a15e19.x86_64::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-src-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8",
"AppStream-8.6.0.GA:golang-tests-0:1.17.7-1.module+el8.6.0+14297+32a15e19.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements"
}
]
}
RHSA-2022:4814
Vulnerability from csaf_redhat - Published: 2022-05-31 09:48 - Updated: 2026-04-30 16:09Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update
Severity
Moderate
Notes
Topic: The Migration Toolkit for Containers (MTC) 1.6.5 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es):
* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64 | — |
Threats
Impact
Moderate
A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64 | — |
Vendor Fix
fix
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64 | — |
Threats
Impact
Moderate
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.6.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)\n\n* golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:4814",
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "2057579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057579"
},
{
"category": "external",
"summary": "2072311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072311"
},
{
"category": "external",
"summary": "2074044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074044"
},
{
"category": "external",
"summary": "2074553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4814.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update",
"tracking": {
"current_release_date": "2026-04-30T16:09:46+00:00",
"generator": {
"date": "2026-04-30T16:09:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2022:4814",
"initial_release_date": "2022-05-31T09:48:42+00:00",
"revision_history": [
{
"date": "2022-05-31T09:48:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-31T09:48:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:09:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.6",
"product": {
"name": "8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.6.5-5"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.6.5-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.6.5-4"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.6.5-14"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.6.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.6.5-3"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.6.5-2"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.6.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64 as a component of 8Base-RHMTC-1.6",
"product_id": "8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
},
"product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2007557"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) vulnerability was found in nodejs-ansi-regex. This could possibly cause an application using ansi-regex to use an excessive amount of CPU time when matching crafted ANSI escape codes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw requires crafted invalid ANSI escape codes in order to be exploited and only allows for denial of service of applications on the client side, hence the impact has been rated as Moderate.\n\nIn Red Hat Virtualization and Red Hat Quay some components use a vulnerable version of ansi-regex. However, all frontend code is executed on the client side. As the maximum impact of this vulnerability is denial of service in the client, the vulnerability is rated Moderate for those products.\n\nOpenShift Container Platform 4 (OCP) ships affected version of ansi-regex in the ose-metering-hadoop container, however the metering operator is deprecated since 4.6[1]. This issue is not currently planned to be addressed in future updates and hence hadoop container has been marked as \u0027will not fix\u0027.\n\nAdvanced Cluster Management for Kubernetes (RHACM) ships the affected version of ansi-regex in several containers, however the impact of this vulnerability is deemed low as it would result in an authenticated slowing down their own user interface. \n\n[1] https://docs.openshift.com/container-platform/4.6/metering/metering-about-metering.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3807"
},
{
"category": "external",
"summary": "RHBZ#2007557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2007557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3807"
},
{
"category": "external",
"summary": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994",
"url": "https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994"
}
],
"release_date": "2021-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-31T09:48:42+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-09-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2006044"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could cause a denial of service via memory exhaustion or panic. This particular flaw is an incomplete fix for a previous flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In OpenShift Container Platform, multiple components are written in Go and use archive/zip from the standard library. However, all such components are short lived client side tools, not long lived server side executables. As the maximum impact of this vulnerability is a denial of service in client utilities, this vulnerability is rated Low for OpenShift Container Platform.\n\n* This flaw is out of support scope for Red Hat Enterprise Linux 7. For more information about Red Hat Enterprise Linux support scope, please see https://access.redhat.com/support/policy/updates/errata\n\n* Because Service Telemetry Framework1.2 will be retiring soon and the flaw\u0027s impact is lower, no update will be provided at this time for STF1.2\u0027s smart-gateway-container and sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "RHBZ#2006044",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2006044"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw",
"url": "https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"
}
],
"release_date": "2021-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-31T09:48:42+00:00",
"details": "For details on how to install and use MTC, refer to:\n\nhttps://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html",
"product_ids": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.6:rhmtc/openshift-migration-controller-rhel8@sha256:eadd64a4cafcd3fc91908cd33a6d8b8ffceefa5a156d6e6ab3e009083efa492f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-log-reader-rhel8@sha256:81539d76dc684112b82c813f50e462886526eca4d85d72c6fa7b19e1d653f917_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-must-gather-rhel8@sha256:87e2617616002346c1c8bf1ca4328dc71d58f5f2b7f49eb31165a789be8b747f_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-operator-bundle@sha256:bef6f99405b6ea016b794a11214f48abb1ed14e54fdafc8dc57a741a86a66980_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-registry-rhel8@sha256:27206cb9901c89601d7440f06797d4f3f11a058ef169df7326475be781277724_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rhel8-operator@sha256:a98821722ebe5038776bd9f7a0cc1cd59ee5b2b6b2f64a0ba670302f38e3d1f2_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:d7f77e58018abbb2f89a4d767ce3b70614bf74883c4e0238abd722d49c330a83_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-ui-rhel8@sha256:afb05f33dcb4a5f5d07581acf8bbf1fab191f7a849eb32ed754629791013c22b_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:9f7a89167eb2c7450a0fea724bf31a83cd1baccdc04a27a2a6b808b55aa30387_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:f34848547089c208a51d8f6b5296a978bd86b2f2a37a10845e255ca08259db64_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:e867d7765f464a9460fc3fe5fda406db667d158273b462ed86c2ef275618f027_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:fff289d2412da6fa9f3b519d1bbf6cf730294ecf462087a84a697be63b513962_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-migration-velero-rhel8@sha256:cf1aabb5f8a931a9520490289a3f443d1df115a3f900e6c267af90a641124963_amd64",
"8Base-RHMTC-1.6:rhmtc/openshift-velero-plugin-rhel8@sha256:bcce92e939b72d317035fe3d188825b879d68441756835c8018d1bc2f434220d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)"
}
]
}
SSA-222547
Vulnerability from csaf_siemens - Published: 2022-06-14 00:00 - Updated: 2022-06-14 00:00Summary
SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0
Notes
Summary: Multiple vulnerabilities in the third-party components CivetWeb, Docker, Linux Kernel and systemd could allow an attacker to impact SCALANCE LPE9403 confidentiality, integrity and availability.
Siemens has released an update for the SCALANCE LPE9403 and recommends to update to the latest version.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
References
23 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited.",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities in the third-party components CivetWeb, Docker, Linux Kernel and systemd could allow an attacker to impact SCALANCE LPE9403 confidentiality, integrity and availability.\n\nSiemens has released an update for the SCALANCE LPE9403 and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"
},
{
"category": "self",
"summary": "SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-222547.txt"
},
{
"category": "self",
"summary": "SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-222547.json"
}
],
"title": "SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0",
"tracking": {
"current_release_date": "2022-06-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-222547",
"initial_release_date": "2022-06-14T00:00:00Z",
"revision_history": [
{
"date": "2022-06-14T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V2.0",
"product": {
"name": "SCALANCE LPE9403",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6GK5998-3GS00-2AC2"
]
}
}
}
],
"category": "product_name",
"name": "SCALANCE LPE9403"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27304",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request API. Web applications that use the file upload form handler, and use parts of the user-controlled filename in the output path, are susceptible to directory traversal",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2020-27304 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2020-27304 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2020-27304.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2020-27304"
},
{
"cve": "CVE-2021-20317",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-20317 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-20317 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-20317.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-20317"
},
{
"cve": "CVE-2021-33910",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "The use of alloca function with an uncontrolled size in function unit_name_path_escape allows a local attacker, able to mount a filesystem on a very long path, to crash systemd and the whole system by allocating a very large space in the stack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-33910 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-33910 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-33910.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-33910"
},
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition vulnerability was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-36221 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-36221 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-36221.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-39293",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "The fix for CVE-2021-33196 can be bypassed by crafted inputs. As a result, the NewReader and OpenReader functions in archive/zip can still cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-39293 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-39293 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-39293.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-39293"
},
{
"cve": "CVE-2021-41089",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in Moby (Docker Engine) where attempting to copy files using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host\u2019s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41089 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-41089 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41089.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41089"
},
{
"cve": "CVE-2021-41091",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in Moby (Docker Engine) where the data directory (typically /var/lib/docker) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41091 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-41091 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41091.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41091"
},
{
"cve": "CVE-2021-41092",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file (typically ~/.docker/config.json) listing a credsStore or credHelpers that could not be executed would result in any provided credentials being sent to registry-1.docker.io rather than the intended private registry.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41092 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-41092 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41092.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41092"
},
{
"cve": "CVE-2021-41103",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2021-41103 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2021-41103 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2021-41103.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41103"
},
{
"cve": "CVE-2022-0847",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"references": [
{
"summary": "CVE-2022-0847 - SCALANCE LPE9403",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
},
{
"summary": "CVE-2022-0847 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2022-0847.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109811123/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-0847"
}
]
}
SUSE-RU-2021:3315-1
Vulnerability from csaf_suse - Published: 2021-10-06 17:29 - Updated: 2021-10-06 17:29Summary
Recommended update for go1.17
Severity
Moderate
Notes
Title of the patch: Recommended update for go1.17
Description of the patch: This update for go1.17 fixes the following issues:
This is the initial go 1.17 shipment.
go1.17.1 (released 2021-09-09) includes a security fix to the
archive/zip package, as well as bug fixes to the compiler,
linker, the go command, and to the crypto/rand, embed, go/types,
html/template, and net/http packages. (bsc#1190649)
CVE-2021-39293: Fixed an overflow in preallocation check that can cause OOM panic in archive/zip (bsc#1190589)
go1.17 (released 2021-08-16) is a major release of Go.
go1.17.x minor releases will be provided through August 2022.
See https://github.com/golang/go/wiki/Go-Release-Cycle
Most changes are in the implementation of the toolchain, runtime,
and libraries. As always, the release maintains the Go 1 promise
of compatibility. We expect almost all Go programs to continue to
compile and run as before. (bsc#1190649)
* See release notes https://golang.org/doc/go1.17. Excerpts
relevant to OBS environment and for SUSE/openSUSE follow:
* The compiler now implements a new way of passing function
arguments and results using registers instead of the
stack. Benchmarks for a representative set of Go packages and
programs show performance improvements of about 5%, and a
typical reduction in binary size of about 2%. This is currently
enabled for Linux, macOS, and Windows on the 64-bit x86
architecture (the linux/amd64, darwin/amd64, and windows/amd64
ports). This change does not affect the functionality of any
safe Go code and is designed to have no impact on most assembly
code.
* When the linker uses external linking mode, which is the
default when linking a program that uses cgo, and the linker is
invoked with a -I option, the option will now be passed to the
external linker as a -Wl,--dynamic-linker option.
* The runtime/cgo package now provides a new facility that allows
to turn any Go values to a safe representation that can be used
to pass values between C and Go safely. See runtime/cgo.Handle
for more information.
* ARM64 Go programs now maintain stack frame pointers on the
64-bit ARM architecture on all operating systems. Previously,
stack frame pointers were only enabled on Linux, macOS, and
iOS.
* Pruned module graphs in go 1.17 modules: If a module specifies
go 1.17 or higher, the module graph includes only the immediate
dependencies of other go 1.17 modules, not their full
transitive dependencies. To convert the go.mod file for an
existing module to Go 1.17 without changing the selected
versions of its dependencies, run: go mod tidy -go=1.17
By default, go mod tidy verifies that the selected versions of
dependencies relevant to the main module are the same versions
that would be used by the prior Go release (Go 1.16 for a
module that specifies go 1.17), and preserves the go.sum
entries needed by that release even for dependencies that are
not normally needed by other commands.
The -compat flag allows that version to be overridden to
support older (or only newer) versions, up to the version
specified by the go directive in the go.mod file. To tidy a go
1.17 module for Go 1.17 only, without saving checksums for (or
checking for consistency with) Go 1.16: go mod tidy
-compat=1.17
Note that even if the main module is tidied with -compat=1.17,
users who require the module from a go 1.16 or earlier module
will still be able to use it, provided that the packages use
only compatible language and library features.
The go mod graph subcommand also supports the -go flag, which
causes it to report the graph as seen by the indicated Go
version, showing dependencies that may otherwise be pruned out.
* Module deprecation comments: Module authors may deprecate a
module by adding a // Deprecated: comment to go.mod, then
tagging a new version. go get now prints a warning if a module
needed to build packages named on the command line is
deprecated. go list -m -u prints deprecations for all
dependencies (use -f or -json to show the full message). The go
command considers different major versions to be distinct
modules, so this mechanism may be used, for example, to provide
users with migration instructions for a new major version.
* go get -insecure flag is deprecated and has been removed. To
permit the use of insecure schemes when fetching dependencies,
please use the GOINSECURE environment variable. The -insecure
flag also bypassed module sum validation, use GOPRIVATE or
GONOSUMDB if you need that functionality. See go help
environment for details.
* go get prints a deprecation warning when installing commands
outside the main module (without the -d flag). go install
cmd@version should be used instead to install a command at a
specific version, using a suffix like @latest or @v1.2.3. In Go
1.18, the -d flag will always be enabled, and go get will only
be used to change dependencies in go.mod.
* go.mod files missing go directives: If the main module's go.mod
file does not contain a go directive and the go command cannot
update the go.mod file, the go command now assumes go 1.11
instead of the current release. (go mod init has added go
directives automatically since Go 1.12.)
If a module dependency lacks an explicit go.mod file, or its
go.mod file does not contain a go directive, the go command now
assumes go 1.16 for that dependency instead of the current
release. (Dependencies developed in GOPATH mode may lack a
go.mod file, and the vendor/modules.txt has to date never
recorded the go versions indicated by dependencies' go.mod
files.)
* vendor contents: If the main module specifies go 1.17 or
higher, go mod vendor now annotates vendor/modules.txt with the
go version indicated by each vendored module in its own go.mod
file. The annotated version is used when building the module's
packages from vendored source code.
If the main module specifies go 1.17 or higher, go mod vendor
now omits go.mod and go.sum files for vendored dependencies,
which can otherwise interfere with the ability of the go
command to identify the correct module root when invoked within
the vendor tree.
* Password prompts: The go command by default now suppresses SSH
password prompts and Git Credential Manager prompts when
fetching Git repositories using SSH, as it already did
previously for other Git password prompts. Users authenticating
to private Git repos with password-protected SSH may configure
an ssh-agent to enable the go command to use password-protected
SSH keys.
* go mod download: When go mod download is invoked without
arguments, it will no longer save sums for downloaded module
content to go.sum. It may still make changes to go.mod and
go.sum needed to load the build list. This is the same as the
behavior in Go 1.15. To save sums for all modules, use:
go mod download all
* The go command now understands //go:build lines and prefers
them over // +build lines. The new syntax uses boolean
expressions, just like Go, and should be less error-prone. As
of this release, the new syntax is fully supported, and all Go
files should be updated to have both forms with the same
meaning. To aid in migration, gofmt now automatically
synchronizes the two forms. For more details on the syntax and
migration plan, see https://golang.org/design/draft-gobuild.
* go run now accepts arguments with version suffixes (for
example, go run example.com/cmd@v1.0.0). This causes go run to
build and run packages in module-aware mode, ignoring the
go.mod file in the current directory or any parent directory,
if there is one. This is useful for running executables without
installing them or without changing dependencies of the current
module.
* The format of stack traces from the runtime (printed when an
uncaught panic occurs, or when runtime.Stack is called) is
improved.
* TLS strict ALPN: When Config.NextProtos is set, servers now
enforce that there is an overlap between the configured
protocols and the ALPN protocols advertised by the client, if
any. If there is no mutually supported protocol, the connection
is closed with the no_application_protocol alert, as required
by RFC 7301. This helps mitigate the ALPACA cross-protocol
attack. As an exception, when the value 'h2' is included in the
server's Config.NextProtos, HTTP/1.1 clients will be allowed to
connect as if they didn't support ALPN. See issue go#46310 for
more information.
* crypto/ed25519: The crypto/ed25519 package has been rewritten,
and all operations are now approximately twice as fast on amd64
and arm64. The observable behavior has not otherwise changed.
* crypto/elliptic: CurveParams methods now automatically invoke
faster and safer dedicated implementations for known curves
(P-224, P-256, and P-521) when available. Note that this is a
best-effort approach and applications should avoid using the
generic, not constant-time CurveParams methods and instead use
dedicated Curve implementations such as P256. The P521 curve
implementation has been rewritten using code generated by the
fiat-crypto project, which is based on a formally-verified
model of the arithmetic operations. It is now constant-time and
three times faster on amd64 and arm64. The observable behavior
has not otherwise changed.
* crypto/tls: The new Conn.HandshakeContext method allows the
user to control cancellation of an in-progress TLS
handshake. The provided context is accessible from various
callbacks through the new ClientHelloInfo.Context and
CertificateRequestInfo.Context methods. Canceling the context
after the handshake has finished has no effect.
Cipher suite ordering is now handled entirely by the crypto/tls
package. Currently, cipher suites are sorted based on their
security, performance, and hardware support taking into account
both the local and peer's hardware. The order of the
Config.CipherSuites field is now ignored, as well as the
Config.PreferServerCipherSuites field. Note that
Config.CipherSuites still allows applications to choose what
TLS 1.0–1.2 cipher suites to enable.
The 3DES cipher suites have been moved to InsecureCipherSuites
due to fundamental block size-related weakness. They are still
enabled by default but only as a last resort, thanks to the
cipher suite ordering change above.
Beginning in the next release, Go 1.18, the Config.MinVersion
for crypto/tls clients will default to TLS 1.2, disabling TLS
1.0 and TLS 1.1 by default. Applications will be able to
override the change by explicitly setting
Config.MinVersion. This will not affect crypto/tls servers.
* crypto/x509: CreateCertificate now returns an error if the
provided private key doesn't match the parent's public key, if
any. The resulting certificate would have failed to verify.
* crypto/x509: The temporary GODEBUG=x509ignoreCN=0 flag has been
removed.
* crypto/x509: ParseCertificate has been rewritten, and now
consumes ~70% fewer resources. The observable behavior has not
otherwise changed, except for error messages.
* crypto/x509: Beginning in the next release, Go 1.18,
crypto/x509 will reject certificates signed with the SHA-1 hash
function. This doesn't apply to self-signed root
certificates. Practical attacks against SHA-1 have been
demonstrated in 2017 and publicly trusted Certificate
Authorities have not issued SHA-1 certificates since 2015.
* go/build: The new Context.ToolTags field holds the build tags
appropriate to the current Go toolchain configuration.
* net/http package now uses the new (*tls.Conn).HandshakeContext
with the Request context when performing TLS handshakes in the
client or server.
* syscall: On Unix-like systems, the process group of a child
process is now set with signals blocked. This avoids sending a
SIGTTOU to the child when the parent is in a background process
group.
* time: The new Time.IsDST method can be used to check whether
the time is in Daylight Savings Time in its configured
location.
* time: The new Time.UnixMilli and Time.UnixMicro methods return
the number of milliseconds and microseconds elapsed since
January 1, 1970 UTC respectively.
* time: The new UnixMilli and UnixMicro functions return the
local Time corresponding to the given Unix time.
- Add bash scripts used by go tool commands to provide a more
complete cross-compiling go toolchain install.
Patchnames: SUSE-2021-3315,SUSE-SLE-Module-Development-Tools-15-SP2-2021-3315,SUSE-SLE-Module-Development-Tools-15-SP3-2021-3315
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for go1.17",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.17 fixes the following issues:\n\nThis is the initial go 1.17 shipment. \n\ngo1.17.1 (released 2021-09-09) includes a security fix to the\narchive/zip package, as well as bug fixes to the compiler,\nlinker, the go command, and to the crypto/rand, embed, go/types,\nhtml/template, and net/http packages. (bsc#1190649)\n\nCVE-2021-39293: Fixed an overflow in preallocation check that can cause OOM panic in archive/zip (bsc#1190589)\n\ngo1.17 (released 2021-08-16) is a major release of Go.\n\ngo1.17.x minor releases will be provided through August 2022.\n\nSee https://github.com/golang/go/wiki/Go-Release-Cycle\n\nMost changes are in the implementation of the toolchain, runtime,\nand libraries. As always, the release maintains the Go 1 promise\nof compatibility. We expect almost all Go programs to continue to\ncompile and run as before. (bsc#1190649)\n\n* See release notes https://golang.org/doc/go1.17. Excerpts\n relevant to OBS environment and for SUSE/openSUSE follow:\n* The compiler now implements a new way of passing function\n arguments and results using registers instead of the\n stack. Benchmarks for a representative set of Go packages and\n programs show performance improvements of about 5%, and a\n typical reduction in binary size of about 2%. This is currently\n enabled for Linux, macOS, and Windows on the 64-bit x86\n architecture (the linux/amd64, darwin/amd64, and windows/amd64\n ports). This change does not affect the functionality of any\n safe Go code and is designed to have no impact on most assembly\n code.\n* When the linker uses external linking mode, which is the\n default when linking a program that uses cgo, and the linker is\n invoked with a -I option, the option will now be passed to the\n external linker as a -Wl,--dynamic-linker option.\n* The runtime/cgo package now provides a new facility that allows\n to turn any Go values to a safe representation that can be used\n to pass values between C and Go safely. See runtime/cgo.Handle\n for more information.\n* ARM64 Go programs now maintain stack frame pointers on the\n 64-bit ARM architecture on all operating systems. Previously,\n stack frame pointers were only enabled on Linux, macOS, and\n iOS.\n* Pruned module graphs in go 1.17 modules: If a module specifies\n go 1.17 or higher, the module graph includes only the immediate\n dependencies of other go 1.17 modules, not their full\n transitive dependencies. To convert the go.mod file for an\n existing module to Go 1.17 without changing the selected\n versions of its dependencies, run: go mod tidy -go=1.17\n By default, go mod tidy verifies that the selected versions of\n dependencies relevant to the main module are the same versions\n that would be used by the prior Go release (Go 1.16 for a\n module that specifies go 1.17), and preserves the go.sum\n entries needed by that release even for dependencies that are\n not normally needed by other commands.\n The -compat flag allows that version to be overridden to\n support older (or only newer) versions, up to the version\n specified by the go directive in the go.mod file. To tidy a go\n 1.17 module for Go 1.17 only, without saving checksums for (or\n checking for consistency with) Go 1.16: go mod tidy\n -compat=1.17\n Note that even if the main module is tidied with -compat=1.17,\n users who require the module from a go 1.16 or earlier module\n will still be able to use it, provided that the packages use\n only compatible language and library features.\n The go mod graph subcommand also supports the -go flag, which\n causes it to report the graph as seen by the indicated Go\n version, showing dependencies that may otherwise be pruned out.\n* Module deprecation comments: Module authors may deprecate a\n module by adding a // Deprecated: comment to go.mod, then\n tagging a new version. go get now prints a warning if a module\n needed to build packages named on the command line is\n deprecated. go list -m -u prints deprecations for all\n dependencies (use -f or -json to show the full message). The go\n command considers different major versions to be distinct\n modules, so this mechanism may be used, for example, to provide\n users with migration instructions for a new major version.\n* go get -insecure flag is deprecated and has been removed. To\n permit the use of insecure schemes when fetching dependencies,\n please use the GOINSECURE environment variable. The -insecure\n flag also bypassed module sum validation, use GOPRIVATE or\n GONOSUMDB if you need that functionality. See go help\n environment for details.\n* go get prints a deprecation warning when installing commands\n outside the main module (without the -d flag). go install\n cmd@version should be used instead to install a command at a\n specific version, using a suffix like @latest or @v1.2.3. In Go\n 1.18, the -d flag will always be enabled, and go get will only\n be used to change dependencies in go.mod.\n* go.mod files missing go directives: If the main module\u0027s go.mod\n file does not contain a go directive and the go command cannot\n update the go.mod file, the go command now assumes go 1.11\n instead of the current release. (go mod init has added go\n directives automatically since Go 1.12.)\n If a module dependency lacks an explicit go.mod file, or its\n go.mod file does not contain a go directive, the go command now\n assumes go 1.16 for that dependency instead of the current\n release. (Dependencies developed in GOPATH mode may lack a\n go.mod file, and the vendor/modules.txt has to date never\n recorded the go versions indicated by dependencies\u0027 go.mod\n files.)\n* vendor contents: If the main module specifies go 1.17 or\n higher, go mod vendor now annotates vendor/modules.txt with the\n go version indicated by each vendored module in its own go.mod\n file. The annotated version is used when building the module\u0027s\n packages from vendored source code.\n If the main module specifies go 1.17 or higher, go mod vendor\n now omits go.mod and go.sum files for vendored dependencies,\n which can otherwise interfere with the ability of the go\n command to identify the correct module root when invoked within\n the vendor tree.\n* Password prompts: The go command by default now suppresses SSH\n password prompts and Git Credential Manager prompts when\n fetching Git repositories using SSH, as it already did\n previously for other Git password prompts. Users authenticating\n to private Git repos with password-protected SSH may configure\n an ssh-agent to enable the go command to use password-protected\n SSH keys.\n* go mod download: When go mod download is invoked without\n arguments, it will no longer save sums for downloaded module\n content to go.sum. It may still make changes to go.mod and\n go.sum needed to load the build list. This is the same as the\n behavior in Go 1.15. To save sums for all modules, use:\n go mod download all\n* The go command now understands //go:build lines and prefers\n them over // +build lines. The new syntax uses boolean\n expressions, just like Go, and should be less error-prone. As\n of this release, the new syntax is fully supported, and all Go\n files should be updated to have both forms with the same\n meaning. To aid in migration, gofmt now automatically\n synchronizes the two forms. For more details on the syntax and\n migration plan, see https://golang.org/design/draft-gobuild.\n* go run now accepts arguments with version suffixes (for\n example, go run example.com/cmd@v1.0.0). This causes go run to\n build and run packages in module-aware mode, ignoring the\n go.mod file in the current directory or any parent directory,\n if there is one. This is useful for running executables without\n installing them or without changing dependencies of the current\n module.\n* The format of stack traces from the runtime (printed when an\n uncaught panic occurs, or when runtime.Stack is called) is\n improved.\n* TLS strict ALPN: When Config.NextProtos is set, servers now\n enforce that there is an overlap between the configured\n protocols and the ALPN protocols advertised by the client, if\n any. If there is no mutually supported protocol, the connection\n is closed with the no_application_protocol alert, as required\n by RFC 7301. This helps mitigate the ALPACA cross-protocol\n attack. As an exception, when the value \u0027h2\u0027 is included in the\n server\u0027s Config.NextProtos, HTTP/1.1 clients will be allowed to\n connect as if they didn\u0027t support ALPN. See issue go#46310 for\n more information.\n* crypto/ed25519: The crypto/ed25519 package has been rewritten,\n and all operations are now approximately twice as fast on amd64\n and arm64. The observable behavior has not otherwise changed.\n* crypto/elliptic: CurveParams methods now automatically invoke\n faster and safer dedicated implementations for known curves\n (P-224, P-256, and P-521) when available. Note that this is a\n best-effort approach and applications should avoid using the\n generic, not constant-time CurveParams methods and instead use\n dedicated Curve implementations such as P256. The P521 curve\n implementation has been rewritten using code generated by the\n fiat-crypto project, which is based on a formally-verified\n model of the arithmetic operations. It is now constant-time and\n three times faster on amd64 and arm64. The observable behavior\n has not otherwise changed.\n* crypto/tls: The new Conn.HandshakeContext method allows the\n user to control cancellation of an in-progress TLS\n handshake. The provided context is accessible from various\n callbacks through the new ClientHelloInfo.Context and\n CertificateRequestInfo.Context methods. Canceling the context\n after the handshake has finished has no effect.\n Cipher suite ordering is now handled entirely by the crypto/tls\n package. Currently, cipher suites are sorted based on their\n security, performance, and hardware support taking into account\n both the local and peer\u0027s hardware. The order of the\n Config.CipherSuites field is now ignored, as well as the\n Config.PreferServerCipherSuites field. Note that\n Config.CipherSuites still allows applications to choose what\n TLS 1.0\u20131.2 cipher suites to enable.\n The 3DES cipher suites have been moved to InsecureCipherSuites\n due to fundamental block size-related weakness. They are still\n enabled by default but only as a last resort, thanks to the\n cipher suite ordering change above.\n Beginning in the next release, Go 1.18, the Config.MinVersion\n for crypto/tls clients will default to TLS 1.2, disabling TLS\n 1.0 and TLS 1.1 by default. Applications will be able to\n override the change by explicitly setting\n Config.MinVersion. This will not affect crypto/tls servers.\n* crypto/x509: CreateCertificate now returns an error if the\n provided private key doesn\u0027t match the parent\u0027s public key, if\n any. The resulting certificate would have failed to verify.\n* crypto/x509: The temporary GODEBUG=x509ignoreCN=0 flag has been\n removed.\n* crypto/x509: ParseCertificate has been rewritten, and now\n consumes ~70% fewer resources. The observable behavior has not\n otherwise changed, except for error messages.\n* crypto/x509: Beginning in the next release, Go 1.18,\n crypto/x509 will reject certificates signed with the SHA-1 hash\n function. This doesn\u0027t apply to self-signed root\n certificates. Practical attacks against SHA-1 have been\n demonstrated in 2017 and publicly trusted Certificate\n Authorities have not issued SHA-1 certificates since 2015.\n* go/build: The new Context.ToolTags field holds the build tags\n appropriate to the current Go toolchain configuration.\n* net/http package now uses the new (*tls.Conn).HandshakeContext\n with the Request context when performing TLS handshakes in the\n client or server.\n* syscall: On Unix-like systems, the process group of a child\n process is now set with signals blocked. This avoids sending a\n SIGTTOU to the child when the parent is in a background process\n group.\n* time: The new Time.IsDST method can be used to check whether\n the time is in Daylight Savings Time in its configured\n location.\n* time: The new Time.UnixMilli and Time.UnixMicro methods return\n the number of milliseconds and microseconds elapsed since\n January 1, 1970 UTC respectively.\n* time: The new UnixMilli and UnixMicro functions return the\n local Time corresponding to the given Unix time.\n\n- Add bash scripts used by go tool commands to provide a more\n complete cross-compiling go toolchain install.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-3315,SUSE-SLE-Module-Development-Tools-15-SP2-2021-3315,SUSE-SLE-Module-Development-Tools-15-SP3-2021-3315",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2021_3315-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2021:3315-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20213315-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2021:3315-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2021-October/020401.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190589",
"url": "https://bugzilla.suse.com/1190589"
},
{
"category": "self",
"summary": "SUSE Bug 1190649",
"url": "https://bugzilla.suse.com/1190649"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-39293 page",
"url": "https://www.suse.com/security/cve/CVE-2021-39293/"
}
],
"title": "Recommended update for go1.17",
"tracking": {
"current_release_date": "2021-10-06T17:29:52Z",
"generator": {
"date": "2021-10-06T17:29:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2021:3315-1",
"initial_release_date": "2021-10-06T17:29:52Z",
"revision_history": [
{
"date": "2021-10-06T17:29:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.1-1.3.1.aarch64",
"product": {
"name": "go1.17-1.17.1-1.3.1.aarch64",
"product_id": "go1.17-1.17.1-1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.1-1.3.1.aarch64",
"product": {
"name": "go1.17-doc-1.17.1-1.3.1.aarch64",
"product_id": "go1.17-doc-1.17.1-1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.1-1.3.1.aarch64",
"product": {
"name": "go1.17-race-1.17.1-1.3.1.aarch64",
"product_id": "go1.17-race-1.17.1-1.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.1-1.3.1.i586",
"product": {
"name": "go1.17-1.17.1-1.3.1.i586",
"product_id": "go1.17-1.17.1-1.3.1.i586"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.1-1.3.1.i586",
"product": {
"name": "go1.17-doc-1.17.1-1.3.1.i586",
"product_id": "go1.17-doc-1.17.1-1.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.1-1.3.1.ppc64le",
"product": {
"name": "go1.17-1.17.1-1.3.1.ppc64le",
"product_id": "go1.17-1.17.1-1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.1-1.3.1.ppc64le",
"product": {
"name": "go1.17-doc-1.17.1-1.3.1.ppc64le",
"product_id": "go1.17-doc-1.17.1-1.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.1-1.3.1.s390x",
"product": {
"name": "go1.17-1.17.1-1.3.1.s390x",
"product_id": "go1.17-1.17.1-1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.1-1.3.1.s390x",
"product": {
"name": "go1.17-doc-1.17.1-1.3.1.s390x",
"product_id": "go1.17-doc-1.17.1-1.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.1-1.3.1.x86_64",
"product": {
"name": "go1.17-1.17.1-1.3.1.x86_64",
"product_id": "go1.17-1.17.1-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.1-1.3.1.x86_64",
"product": {
"name": "go1.17-doc-1.17.1-1.3.1.x86_64",
"product_id": "go1.17-doc-1.17.1-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.1-1.3.1.x86_64",
"product": {
"name": "go1.17-race-1.17.1-1.3.1.x86_64",
"product_id": "go1.17-race-1.17.1-1.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.aarch64"
},
"product_reference": "go1.17-1.17.1-1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.ppc64le"
},
"product_reference": "go1.17-1.17.1-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.s390x"
},
"product_reference": "go1.17-1.17.1-1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.x86_64"
},
"product_reference": "go1.17-1.17.1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.aarch64"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.ppc64le"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.s390x"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.1-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.aarch64"
},
"product_reference": "go1.17-race-1.17.1-1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.1-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.x86_64"
},
"product_reference": "go1.17-race-1.17.1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.aarch64"
},
"product_reference": "go1.17-1.17.1-1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.ppc64le"
},
"product_reference": "go1.17-1.17.1-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.s390x"
},
"product_reference": "go1.17-1.17.1-1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.1-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.x86_64"
},
"product_reference": "go1.17-1.17.1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.aarch64"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.ppc64le"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.s390x"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.1-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.1-1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.aarch64"
},
"product_reference": "go1.17-race-1.17.1-1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.1-1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.x86_64"
},
"product_reference": "go1.17-race-1.17.1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-39293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-39293"
}
],
"notes": [
{
"category": "general",
"text": "In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-39293",
"url": "https://www.suse.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "SUSE Bug 1190589 for CVE-2021-39293",
"url": "https://bugzilla.suse.com/1190589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-doc-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.17-race-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.1-1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-10-06T17:29:52Z",
"details": "important"
}
],
"title": "CVE-2021-39293"
}
]
}
SUSE-SU-2021:3292-1
Vulnerability from csaf_suse - Published: 2021-10-06 14:46 - Updated: 2021-10-06 14:46Summary
Security update for go1.16
Severity
Important
Notes
Title of the patch: Security update for go1.16
Description of the patch: This update for go1.16 fixes the following issues:
- Update to go 1.16.8
- CVE-2021-39293: Fixed a buffer overflow issue in preallocation check that can cause OOM panic. (bas#)
Patchnames: SUSE-2021-3292,SUSE-SLE-Module-Development-Tools-15-SP2-2021-3292,SUSE-SLE-Module-Development-Tools-15-SP3-2021-3292
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.16",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.16 fixes the following issues:\n\n- Update to go 1.16.8\n- CVE-2021-39293: Fixed a buffer overflow issue in preallocation check that can cause OOM panic. (bas#)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-3292,SUSE-SLE-Module-Development-Tools-15-SP2-2021-3292,SUSE-SLE-Module-Development-Tools-15-SP3-2021-3292",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3292-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:3292-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20213292-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:3292-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-October/009545.html"
},
{
"category": "self",
"summary": "SUSE Bug 1182345",
"url": "https://bugzilla.suse.com/1182345"
},
{
"category": "self",
"summary": "SUSE Bug 1190589",
"url": "https://bugzilla.suse.com/1190589"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-39293 page",
"url": "https://www.suse.com/security/cve/CVE-2021-39293/"
}
],
"title": "Security update for go1.16",
"tracking": {
"current_release_date": "2021-10-06T14:46:27Z",
"generator": {
"date": "2021-10-06T14:46:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:3292-1",
"initial_release_date": "2021-10-06T14:46:27Z",
"revision_history": [
{
"date": "2021-10-06T14:46:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.8-1.26.1.aarch64",
"product": {
"name": "go1.16-1.16.8-1.26.1.aarch64",
"product_id": "go1.16-1.16.8-1.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.8-1.26.1.aarch64",
"product": {
"name": "go1.16-doc-1.16.8-1.26.1.aarch64",
"product_id": "go1.16-doc-1.16.8-1.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.8-1.26.1.aarch64",
"product": {
"name": "go1.16-race-1.16.8-1.26.1.aarch64",
"product_id": "go1.16-race-1.16.8-1.26.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.8-1.26.1.i586",
"product": {
"name": "go1.16-1.16.8-1.26.1.i586",
"product_id": "go1.16-1.16.8-1.26.1.i586"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.8-1.26.1.i586",
"product": {
"name": "go1.16-doc-1.16.8-1.26.1.i586",
"product_id": "go1.16-doc-1.16.8-1.26.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.8-1.26.1.ppc64le",
"product": {
"name": "go1.16-1.16.8-1.26.1.ppc64le",
"product_id": "go1.16-1.16.8-1.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.8-1.26.1.ppc64le",
"product": {
"name": "go1.16-doc-1.16.8-1.26.1.ppc64le",
"product_id": "go1.16-doc-1.16.8-1.26.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.8-1.26.1.s390x",
"product": {
"name": "go1.16-1.16.8-1.26.1.s390x",
"product_id": "go1.16-1.16.8-1.26.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.8-1.26.1.s390x",
"product": {
"name": "go1.16-doc-1.16.8-1.26.1.s390x",
"product_id": "go1.16-doc-1.16.8-1.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.16-1.16.8-1.26.1.x86_64",
"product": {
"name": "go1.16-1.16.8-1.26.1.x86_64",
"product_id": "go1.16-1.16.8-1.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.16-doc-1.16.8-1.26.1.x86_64",
"product": {
"name": "go1.16-doc-1.16.8-1.26.1.x86_64",
"product_id": "go1.16-doc-1.16.8-1.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.16-race-1.16.8-1.26.1.x86_64",
"product": {
"name": "go1.16-race-1.16.8-1.26.1.x86_64",
"product_id": "go1.16-race-1.16.8-1.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.aarch64"
},
"product_reference": "go1.16-1.16.8-1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.ppc64le"
},
"product_reference": "go1.16-1.16.8-1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.s390x"
},
"product_reference": "go1.16-1.16.8-1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.x86_64"
},
"product_reference": "go1.16-1.16.8-1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.aarch64"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.ppc64le"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.s390x"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.x86_64"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.8-1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.aarch64"
},
"product_reference": "go1.16-race-1.16.8-1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.8-1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.x86_64"
},
"product_reference": "go1.16-race-1.16.8-1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.aarch64"
},
"product_reference": "go1.16-1.16.8-1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.ppc64le"
},
"product_reference": "go1.16-1.16.8-1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.s390x"
},
"product_reference": "go1.16-1.16.8-1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-1.16.8-1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.x86_64"
},
"product_reference": "go1.16-1.16.8-1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.aarch64"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.ppc64le"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.s390x"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-doc-1.16.8-1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.x86_64"
},
"product_reference": "go1.16-doc-1.16.8-1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.8-1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.aarch64"
},
"product_reference": "go1.16-race-1.16.8-1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.16-race-1.16.8-1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.x86_64"
},
"product_reference": "go1.16-race-1.16.8-1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-39293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-39293"
}
],
"notes": [
{
"category": "general",
"text": "In archive/zip in Go before 1.16.8 and 1.17.x before 1.17.1, a crafted archive header (falsely designating that many files are present) can cause a NewReader or OpenReader panic. NOTE: this issue exists because of an incomplete fix for CVE-2021-33196.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-39293",
"url": "https://www.suse.com/security/cve/CVE-2021-39293"
},
{
"category": "external",
"summary": "SUSE Bug 1190589 for CVE-2021-39293",
"url": "https://bugzilla.suse.com/1190589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.8-1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.8-1.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-10-06T14:46:27Z",
"details": "important"
}
],
"title": "CVE-2021-39293"
}
]
}
WID-SEC-W-2023-2229
Vulnerability from csaf_certbund - Published: 2023-08-30 22:00 - Updated: 2025-11-18 23:00Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff: Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuführen, einen 'Denial of Service'-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.9
Splunk / Splunk Enterprise
|
<9.0.9 | ||
|
Atlassian Confluence <10.1.1
Atlassian / Confluence
|
<10.1.1 | ||
|
Splunk Splunk Enterprise
Splunk / Splunk Enterprise
|
cpe:/a:splunk:splunk:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.1.4
Splunk / Splunk Enterprise
|
<9.1.4 | ||
|
Atlassian Confluence <10.0.2
Atlassian / Confluence
|
<10.0.2 | ||
|
Splunk Splunk Enterprise <8.2.12
Splunk / Splunk Enterprise
|
<8.2.12 | ||
|
Splunk Splunk Enterprise <9.2.1
Splunk / Splunk Enterprise
|
<9.2.1 | ||
|
Splunk Splunk Enterprise <9.0.6
Splunk / Splunk Enterprise
|
<9.0.6 | ||
|
Splunk Splunk Enterprise <9.1.1
Splunk / Splunk Enterprise
|
<9.1.1 | ||
|
Atlassian Confluence <8.5.25
Atlassian / Confluence
|
<8.5.25 | ||
|
Atlassian Confluence <9.2.7
Atlassian / Confluence
|
<9.2.7 |
References
16 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2229 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2229.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2229 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2229"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0801"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0802"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0803"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0804"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0805"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0806"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0807"
},
{
"category": "external",
"summary": "Splunk Security Advisory vom 2023-08-30",
"url": "https://advisory.splunk.com//advisories/SVD-2023-0808"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28",
"url": "https://linux.oracle.com/errata/ELSA-2024-2988.html"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2024-0718 vom 2024-07-02",
"url": "https://advisory.splunk.com/advisories/SVD-2024-0718"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2024-0801 vom 2024-08-12",
"url": "https://advisory.splunk.com//advisories/SVD-2024-0801"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03545-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UB7MGNRMXC5LO5Y66FLOE354VVU5ULQK/"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
}
],
"source_lang": "en-US",
"title": "Splunk Splunk Enterprise: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-18T23:00:00.000+00:00",
"generator": {
"date": "2025-11-19T09:42:41.445+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2023-2229",
"initial_release_date": "2023-08-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-08-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-01-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2024-08-12T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.1",
"product": {
"name": "Atlassian Confluence \u003c10.1.1",
"product_id": "T048680"
}
},
{
"category": "product_version",
"name": "10.1.1",
"product": {
"name": "Atlassian Confluence 10.1.1",
"product_id": "T048680-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Confluence \u003c10.0.2",
"product_id": "T048685"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Confluence 10.0.2",
"product_id": "T048685-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.7",
"product": {
"name": "Atlassian Confluence \u003c9.2.7",
"product_id": "T048686"
}
},
{
"category": "product_version",
"name": "9.2.7",
"product": {
"name": "Atlassian Confluence 9.2.7",
"product_id": "T048686-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.25",
"product": {
"name": "Atlassian Confluence \u003c8.5.25",
"product_id": "T048687"
}
},
{
"category": "product_version",
"name": "8.5.25",
"product": {
"name": "Atlassian Confluence 8.5.25",
"product_id": "T048687-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.25"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Splunk Splunk Enterprise",
"product": {
"name": "Splunk Splunk Enterprise",
"product_id": "T008911",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.1",
"product_id": "T029634"
}
},
{
"category": "product_version",
"name": "9.1.1",
"product": {
"name": "Splunk Splunk Enterprise 9.1.1",
"product_id": "T029634-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.0.6",
"product_id": "T029635"
}
},
{
"category": "product_version",
"name": "9.0.6",
"product": {
"name": "Splunk Splunk Enterprise 9.0.6",
"product_id": "T029635-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.2.12",
"product": {
"name": "Splunk Splunk Enterprise \u003c8.2.12",
"product_id": "T029636"
}
},
{
"category": "product_version",
"name": "8.2.12",
"product": {
"name": "Splunk Splunk Enterprise 8.2.12",
"product_id": "T029636-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:8.2.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.1",
"product_id": "T033705"
}
},
{
"category": "product_version",
"name": "9.2.1",
"product": {
"name": "Splunk Splunk Enterprise 9.2.1",
"product_id": "T033705-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.4",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.4",
"product_id": "T033718"
}
},
{
"category": "product_version",
"name": "9.1.4",
"product": {
"name": "Splunk Splunk Enterprise 9.1.4",
"product_id": "T033718-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.9",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.0.9",
"product_id": "T033720"
}
},
{
"category": "product_version",
"name": "9.0.9",
"product": {
"name": "Splunk Splunk Enterprise 9.0.9",
"product_id": "T033720-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.0.9"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7489",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2013-7489"
},
{
"cve": "CVE-2018-10237",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2018-10237"
},
{
"cve": "CVE-2018-20225",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2018-20225"
},
{
"cve": "CVE-2019-20454",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2019-20454"
},
{
"cve": "CVE-2019-20838",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2019-20838"
},
{
"cve": "CVE-2020-14155",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-14155"
},
{
"cve": "CVE-2020-28469",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-28469"
},
{
"cve": "CVE-2020-28851",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-28851"
},
{
"cve": "CVE-2020-29652",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-29652"
},
{
"cve": "CVE-2020-8169",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8169"
},
{
"cve": "CVE-2020-8177",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8177"
},
{
"cve": "CVE-2020-8231",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8231"
},
{
"cve": "CVE-2020-8284",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8284"
},
{
"cve": "CVE-2020-8285",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8285"
},
{
"cve": "CVE-2020-8286",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8286"
},
{
"cve": "CVE-2020-8908",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2020-8908"
},
{
"cve": "CVE-2021-20066",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-20066"
},
{
"cve": "CVE-2021-22569",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22569"
},
{
"cve": "CVE-2021-22876",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22876"
},
{
"cve": "CVE-2021-22890",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22890"
},
{
"cve": "CVE-2021-22897",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22897"
},
{
"cve": "CVE-2021-22898",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22898"
},
{
"cve": "CVE-2021-22901",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22901"
},
{
"cve": "CVE-2021-22922",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22922"
},
{
"cve": "CVE-2021-22923",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22923"
},
{
"cve": "CVE-2021-22924",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22924"
},
{
"cve": "CVE-2021-22925",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22925"
},
{
"cve": "CVE-2021-22926",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22926"
},
{
"cve": "CVE-2021-22945",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22945"
},
{
"cve": "CVE-2021-22946",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-22947",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-22947"
},
{
"cve": "CVE-2021-23343",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-23343"
},
{
"cve": "CVE-2021-23382",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-23382"
},
{
"cve": "CVE-2021-27918",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-27918"
},
{
"cve": "CVE-2021-27919",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-27919"
},
{
"cve": "CVE-2021-29060",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-29060"
},
{
"cve": "CVE-2021-29425",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-29425"
},
{
"cve": "CVE-2021-29923",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-31525",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-31525"
},
{
"cve": "CVE-2021-31566",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-31566"
},
{
"cve": "CVE-2021-33194",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-33194"
},
{
"cve": "CVE-2021-33195",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-33195"
},
{
"cve": "CVE-2021-33196",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-33196"
},
{
"cve": "CVE-2021-33197",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-33197"
},
{
"cve": "CVE-2021-33198",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-33198"
},
{
"cve": "CVE-2021-34558",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-34558"
},
{
"cve": "CVE-2021-3520",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-3520"
},
{
"cve": "CVE-2021-3572",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-3572"
},
{
"cve": "CVE-2021-36221",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-36976",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-36976"
},
{
"cve": "CVE-2021-3803",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2021-38297",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-38297"
},
{
"cve": "CVE-2021-38561",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-38561"
},
{
"cve": "CVE-2021-39293",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-39293"
},
{
"cve": "CVE-2021-41182",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-41182"
},
{
"cve": "CVE-2021-41183",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-41183"
},
{
"cve": "CVE-2021-41184",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-41771",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-43565",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2021-44716",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2022-1705",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-1705"
},
{
"cve": "CVE-2022-1941",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-1941"
},
{
"cve": "CVE-2022-1962",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-1962"
},
{
"cve": "CVE-2022-22576",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-2309",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-2309"
},
{
"cve": "CVE-2022-23491",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-23491"
},
{
"cve": "CVE-2022-23772",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-24675",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24921",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-24921"
},
{
"cve": "CVE-2022-24999",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-24999"
},
{
"cve": "CVE-2022-25881",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-25881"
},
{
"cve": "CVE-2022-27191",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27191"
},
{
"cve": "CVE-2022-27536",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-27664",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-27774",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-27775",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-27776",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-27778",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27778"
},
{
"cve": "CVE-2022-27779",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27779"
},
{
"cve": "CVE-2022-27780",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27780"
},
{
"cve": "CVE-2022-27781",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27782",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-28131",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-28131"
},
{
"cve": "CVE-2022-28327",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-2879",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-2879"
},
{
"cve": "CVE-2022-2880",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-2880"
},
{
"cve": "CVE-2022-29526",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-29526"
},
{
"cve": "CVE-2022-29804",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-29804"
},
{
"cve": "CVE-2022-30115",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30115"
},
{
"cve": "CVE-2022-30580",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30580"
},
{
"cve": "CVE-2022-30629",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30629"
},
{
"cve": "CVE-2022-30630",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30630"
},
{
"cve": "CVE-2022-30631",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30631"
},
{
"cve": "CVE-2022-30632",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30632"
},
{
"cve": "CVE-2022-30633",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-30634",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30634"
},
{
"cve": "CVE-2022-30635",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-30635"
},
{
"cve": "CVE-2022-31129",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-31129"
},
{
"cve": "CVE-2022-3171",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-3171"
},
{
"cve": "CVE-2022-32148",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32148"
},
{
"cve": "CVE-2022-32149",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32149"
},
{
"cve": "CVE-2022-32189",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32189"
},
{
"cve": "CVE-2022-32205",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2022-32206",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32207",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32208",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32221",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-33987",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-33987"
},
{
"cve": "CVE-2022-3509",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-3509"
},
{
"cve": "CVE-2022-3510",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-3510"
},
{
"cve": "CVE-2022-3517",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-3517"
},
{
"cve": "CVE-2022-35252",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-35260",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-35260"
},
{
"cve": "CVE-2022-35737",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-35737"
},
{
"cve": "CVE-2022-36227",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-36227"
},
{
"cve": "CVE-2022-37599",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-37599"
},
{
"cve": "CVE-2022-37601",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-37601"
},
{
"cve": "CVE-2022-37603",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-37603"
},
{
"cve": "CVE-2022-38900",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2022-40023",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-40023"
},
{
"cve": "CVE-2022-40897",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-40897"
},
{
"cve": "CVE-2022-40899",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-40899"
},
{
"cve": "CVE-2022-41715",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-41716",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-41716"
},
{
"cve": "CVE-2022-41720",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-41720"
},
{
"cve": "CVE-2022-41722",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-41722"
},
{
"cve": "CVE-2022-42003",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-42915",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-42916",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-42916"
},
{
"cve": "CVE-2022-43551",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-43551"
},
{
"cve": "CVE-2022-43552",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-43552"
},
{
"cve": "CVE-2022-46175",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2022-46175"
},
{
"cve": "CVE-2023-23914",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23915",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23916",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-24539",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-24539"
},
{
"cve": "CVE-2023-24540",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-24540"
},
{
"cve": "CVE-2023-27533",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27537",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-27537"
},
{
"cve": "CVE-2023-27538",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-29400",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-29400"
},
{
"cve": "CVE-2023-29402",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-29402"
},
{
"cve": "CVE-2023-29403",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-29403"
},
{
"cve": "CVE-2023-29404",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-29404"
},
{
"cve": "CVE-2023-29405",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-29405"
},
{
"cve": "CVE-2023-40592",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40592"
},
{
"cve": "CVE-2023-40593",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40593"
},
{
"cve": "CVE-2023-40594",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40594"
},
{
"cve": "CVE-2023-40595",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40595"
},
{
"cve": "CVE-2023-40596",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40596"
},
{
"cve": "CVE-2023-40597",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40597"
},
{
"cve": "CVE-2023-40598",
"product_status": {
"known_affected": [
"T033720",
"T048680",
"T008911",
"T004914",
"T002207",
"T033718",
"T048685",
"T029636",
"T033705",
"T029635",
"T029634",
"T048687",
"T048686"
]
},
"release_date": "2023-08-30T22:00:00.000+00:00",
"title": "CVE-2023-40598"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…