Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-28327 (GCVE-0-2022-28327)
Vulnerability from cvelistv5 – Published: 2022-04-20 00:00 – Updated: 2024-08-03 05:48
VLAI
EPSS
Summary
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://groups.google.com/g/golang-announce | |
| https://groups.google.com/g/golang-announce/c/oec… | |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://security.gentoo.org/glsa/202208-02 | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://security.netapp.com/advisory/ntap-2022091… | |
| https://cert-portal.siemens.com/productcert/pdf/s… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:38.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "FEDORA-2022-a49babed75",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
},
{
"name": "FEDORA-2022-53f0c619c5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/"
},
{
"name": "FEDORA-2022-c0f780ecf1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
},
{
"name": "FEDORA-2022-e46e6e8317",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
},
{
"name": "FEDORA-2022-fae3ecee19",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
},
{
"name": "FEDORA-2022-ba365d3703",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"name": "FEDORA-2022-30c5ed5625",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce"
},
{
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
},
{
"name": "FEDORA-2022-a49babed75",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
},
{
"name": "FEDORA-2022-53f0c619c5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/"
},
{
"name": "FEDORA-2022-c0f780ecf1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
},
{
"name": "FEDORA-2022-e46e6e8317",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
},
{
"name": "FEDORA-2022-fae3ecee19",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
},
{
"name": "FEDORA-2022-ba365d3703",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
},
{
"name": "GLSA-202208-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"name": "FEDORA-2022-30c5ed5625",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-28327",
"datePublished": "2022-04-20T00:00:00.000Z",
"dateReserved": "2022-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:48:38.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-28327",
"date": "2026-06-04",
"epss": "0.0018",
"percentile": "0.39372"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-28327\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-04-20T10:15:08.030\",\"lastModified\":\"2024-11-21T06:57:10.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.\"},{\"lang\":\"es\",\"value\":\"La caracter\u00edstica gen\u00e9rica P-256 en crypto/elliptic en Go versiones anteriores a 1.17.9 y versiones 1.18.x anteriores a 1.18.1, permite un p\u00e1nico por medio de una entrada escalar larga\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.9\",\"matchCriteriaId\":\"2437ADD6-8C18-49F6-BF6A-EEBE68F66031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.1\",\"matchCriteriaId\":\"F786A4EC-4A24-4216-8F24-3BD4091BE741\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D9C7598-4BB4-442A-86DF-EEDE041A4CC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB176AC3-3CDA-4DDA-9089-C67B2F73AA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://groups.google.com/g/golang-announce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/oecdBNLOml8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220915-0010/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/g/golang-announce\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/oecdBNLOml8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NY6GEAJMNKKMU5H46QO4D7D6A24KSPXE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220915-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2023:3664
Vulnerability from csaf_redhat - Published: 2023-06-19 10:32 - Updated: 2026-01-22 04:23Summary
Red Hat Security Advisory: OpenShift Jenkins image and Jenkins agent base image security update
Severity
Moderate
Notes
Topic: Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Release of Security Advisory for the OpenShift Jenkins image and Jenkins agent base image.
Security Fix(es):
* golang: net/http: An attacker can cause excessive memory growth in a Go
server accepting HTTP/2 requests (CVE-2022-41717)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)
* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)
* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x | — |
Threats
Impact
Moderate
An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x | — |
Threats
Impact
Moderate
A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x | — |
Threats
Impact
Moderate
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 | — | ||
| Unresolved product id: 8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x | — |
Threats
Impact
Moderate
References
50 references
Acknowledgments
Head of Research, Oxeye
Daniel Abeles
Security Researcher, Oxeye
Gal Goldstein
ADA Logics
Adam Korczynski
OSS-Fuzz
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of Security Advisory for the OpenShift Jenkins image and Jenkins agent base image.\n\nSecurity Fix(es):\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go\nserver accepting HTTP/2 requests (CVE-2022-41717)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3664",
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "2107374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
},
{
"category": "external",
"summary": "2107383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "OCPBUGS-11182",
"url": "https://issues.redhat.com/browse/OCPBUGS-11182"
},
{
"category": "external",
"summary": "OCPBUGS-13653",
"url": "https://issues.redhat.com/browse/OCPBUGS-13653"
},
{
"category": "external",
"summary": "OCPBUGS-14114",
"url": "https://issues.redhat.com/browse/OCPBUGS-14114"
},
{
"category": "external",
"summary": "OCPBUGS-1438",
"url": "https://issues.redhat.com/browse/OCPBUGS-1438"
},
{
"category": "external",
"summary": "OCPBUGS-14646",
"url": "https://issues.redhat.com/browse/OCPBUGS-14646"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3664.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Jenkins image and Jenkins agent base image security update",
"tracking": {
"current_release_date": "2026-01-22T04:23:54+00:00",
"generator": {
"date": "2026-01-22T04:23:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2023:3664",
"initial_release_date": "2023-06-19T10:32:56+00:00",
"revision_history": [
{
"date": "2023-06-19T10:32:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-19T10:32:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-22T04:23:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product": {
"name": "OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ocp_tools:4.11::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Jenkins"
},
{
"branches": [
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"product": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"product_id": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8\u0026tag=v4.11.0-1686831582"
}
}
},
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64",
"product": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64",
"product_id": "ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb?arch=amd64\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-rhel8\u0026tag=v4.11.0-1686832830"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"product": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"product_id": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8\u0026tag=v4.11.0-1686831582"
}
}
},
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"product": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"product_id": "ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d?arch=arm64\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-rhel8\u0026tag=v4.11.0-1686832830"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"product": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"product_id": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8\u0026tag=v4.11.0-1686831582"
}
}
},
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"product": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"product_id": "ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b?arch=ppc64le\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-rhel8\u0026tag=v4.11.0-1686832830"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"product": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"product_id": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8\u0026tag=v4.11.0-1686831582"
}
}
},
{
"category": "product_version",
"name": "ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"product": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"product_id": "ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22?arch=s390x\u0026repository_url=registry.redhat.io/ocp-tools-4/jenkins-rhel8\u0026tag=v4.11.0-1686832830"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64 as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64"
},
"product_reference": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le"
},
"product_reference": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64 as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64"
},
"product_reference": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
},
"product_reference": "ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x"
},
"product_reference": "ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le"
},
"product_reference": "ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64 as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64"
},
"product_reference": "ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64 as a component of OpenShift Developer Tools and Services for OCP 4.11 for RHEL 8",
"product_id": "8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
},
"product_reference": "ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64",
"relates_to_product_reference": "8Base-OCP-Tools-4.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1705",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107374"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating \"chunked\" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: improper sanitization of Transfer-Encoding header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1705"
},
{
"category": "external",
"summary": "RHBZ#2107374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705"
},
{
"category": "external",
"summary": "https://go.dev/issue/53188",
"url": "https://go.dev/issue/53188"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:32:56+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: improper sanitization of Transfer-Encoding header"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:32:56+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-28327",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2077689"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: panic caused by oversized scalar",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "RHBZ#2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
}
],
"release_date": "2022-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:32:56+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: panic caused by oversized scalar"
},
{
"cve": "CVE-2022-32148",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with account management controls, including integration with single sign-on (SSO), to ensure that user permissions are restricted to only the functions necessary for their roles. Access to sensitive information is explicitly authorized and enforced based on predefined access policies. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, which helps identify patterns of unauthorized access or data exposure. The platform enforces the use of validated cryptographic modules across compute resources to protect the confidentiality of information, even in the event of interception.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32148"
},
{
"category": "external",
"summary": "RHBZ#2107383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32148",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32148"
},
{
"category": "external",
"summary": "https://go.dev/issue/53423",
"url": "https://go.dev/issue/53423"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:32:56+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:32:56+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"known_not_affected": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-19T10:32:56+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0aa40f00ce3a9d9dad422e00eb3e726d5fa25d5fa86f94ff3db4aa55ec776b13_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:0fd1b4e1b169778f676fdceac6d8d8eec3ded32abe503933909bdf3e65707c2f_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:8e8bc685e43e595fc98e420d7187a8b9de0bbc7c6d27bf683d806cedccb6a4c4_amd64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-agent-base-rhel8@sha256:f60d566ae257cc302b0d4dc83f434bd8630bf80f760a7c144ddc347071b77fbf_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:4af748991937f5510f9b82a122eb1a854be311f67aaa99b58ccb628b03a8fe22_s390x",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:986d150664d8705598f3864737164141b41ed87806374d8f6f44829ffea2673b_ppc64le",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:c2367f2d7e31a0d984436cb9688de80d35191b4fae450780405ca26be64fa33d_arm64",
"8Base-OCP-Tools-4.11:ocp-tools-4/jenkins-rhel8@sha256:e93d570f858c6608fe9dc76fb8019b4d48fc6db8ca885e59c769bacac3a636bb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
}
]
}
RHSA-2023:3914
Vulnerability from csaf_redhat - Published: 2023-07-06 02:47 - Updated: 2026-06-02 17:38Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.11.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.44. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2023:3915
Security Fix(es):
* openshift: OCP & FIPS mode (CVE-2023-3089)
* golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)
* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)
* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)
* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
134 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Threats
Impact
Moderate
A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
134 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Threats
Impact
Moderate
An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.
7.5 (High)
Affected products
Fixed
97 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
58 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Threats
Impact
Moderate
A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.
CWE-331 - Insufficient EntropyAffected products
Fixed
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Threats
Impact
Low
A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
5.3 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
150 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Threats
Impact
Moderate
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
6.5 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
147 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.
8.1 (High)
Affected products
Fixed
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
71 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 | — |
Workaround
|
Threats
Impact
Important
References
50 references
Acknowledgments
Red Hat
David Benoit
Mattermost
Juho Nurminen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.11.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.44. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2023:3915\n\nSecurity Fix(es):\n\n* openshift: OCP \u0026 FIPS mode (CVE-2023-3089)\n\n* golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3914",
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-001"
},
{
"category": "external",
"summary": "2053532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
},
{
"category": "external",
"summary": "2077688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
},
{
"category": "external",
"summary": "2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "2092793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "2196027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196027"
},
{
"category": "external",
"summary": "2212085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212085"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3914.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise security update",
"tracking": {
"current_release_date": "2026-06-02T17:38:59+00:00",
"generator": {
"date": "2026-06-02T17:38:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:3914",
"initial_release_date": "2023-07-06T02:47:40+00:00",
"revision_history": [
{
"date": "2023-07-06T02:47:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-06T02:47:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:38:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.11",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.11::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.src",
"product": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.src",
"product_id": "buildah-1:1.23.4-3.rhaos4.11.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.23.4-3.rhaos4.11.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.src",
"product": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.src",
"product_id": "conmon-2:2.1.2-3.rhaos4.11.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.1.2-3.rhaos4.11.el8?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"product": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"product_id": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.0.1-6.rhaos4.11.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"product": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"product_id": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"product": {
"name": "openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"product_id": "openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.11.0-202306260054.p0.g990d55b.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"product": {
"name": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"product_id": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"product": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"product_id": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"product": {
"name": "openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"product_id": "openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@4.11.0-202306280915.p0.gc732699.assembly.stream.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "podman-2:4.0.2-7.rhaos4.11.el8.src",
"product": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.src",
"product_id": "podman-2:4.0.2-7.rhaos4.11.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.0.2-7.rhaos4.11.el8?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-3:1.1.2-2.rhaos4.11.el8.src",
"product": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.src",
"product_id": "runc-3:1.1.2-2.rhaos4.11.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.1.2-2.rhaos4.11.el8?arch=src\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"product": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"product_id": "skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.5.2-4.rhaos4.11.el8?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_id": "buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.23.4-3.rhaos4.11.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_id": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.23.4-3.rhaos4.11.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_id": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.23.4-3.rhaos4.11.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_id": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.23.4-3.rhaos4.11.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_id": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.23.4-3.rhaos4.11.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product_id": "conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.1.2-3.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product_id": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.1.2-3.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product_id": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.1.2-3.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product_id": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.0.1-6.rhaos4.11.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product_id": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.0.1-6.rhaos4.11.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product_id": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.0.1-6.rhaos4.11.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product_id": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.11.0-202306260054.p0.g990d55b.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_id": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.0.2-7.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product_id": "runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.1.2-2.rhaos4.11.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product_id": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.1.2-2.rhaos4.11.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product_id": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.1.2-2.rhaos4.11.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_id": "skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.5.2-4.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_id": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.5.2-4.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_id": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.5.2-4.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_id": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.5.2-4.rhaos4.11.el8?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_id": "buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.23.4-3.rhaos4.11.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_id": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.23.4-3.rhaos4.11.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_id": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.23.4-3.rhaos4.11.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_id": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.23.4-3.rhaos4.11.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_id": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.23.4-3.rhaos4.11.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product_id": "conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.1.2-3.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product_id": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.1.2-3.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product_id": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.1.2-3.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product_id": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.0.1-6.rhaos4.11.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product_id": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.0.1-6.rhaos4.11.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product_id": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.0.1-6.rhaos4.11.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product_id": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product_id": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product_id": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"product_id": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.11.0-202306260054.p0.g990d55b.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"product": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"product_id": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_id": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.0.2-7.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product_id": "runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.1.2-2.rhaos4.11.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product_id": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.1.2-2.rhaos4.11.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product_id": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.1.2-2.rhaos4.11.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_id": "skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.5.2-4.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_id": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.5.2-4.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_id": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.5.2-4.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_id": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.5.2-4.rhaos4.11.el8?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_id": "buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.23.4-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_id": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.23.4-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_id": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.23.4-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_id": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.23.4-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_id": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.23.4-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product_id": "conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.1.2-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product_id": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.1.2-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product_id": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.1.2-3.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product_id": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.0.1-6.rhaos4.11.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product_id": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.0.1-6.rhaos4.11.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.0.1-6.rhaos4.11.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product_id": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.11.0-202306260054.p0.g990d55b.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"product_id": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_id": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.0.2-7.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product_id": "runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.1.2-2.rhaos4.11.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product_id": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.1.2-2.rhaos4.11.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product_id": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.1.2-2.rhaos4.11.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_id": "skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.5.2-4.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_id": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.5.2-4.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_id": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.5.2-4.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_id": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.5.2-4.rhaos4.11.el8?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"product": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_id": "buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.23.4-3.rhaos4.11.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"product": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_id": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.23.4-3.rhaos4.11.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"product": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_id": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.23.4-3.rhaos4.11.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"product": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_id": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.23.4-3.rhaos4.11.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"product": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_id": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.23.4-3.rhaos4.11.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"product": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"product_id": "conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.1.2-3.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"product": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"product_id": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.1.2-3.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"product": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"product_id": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.1.2-3.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"product": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"product_id": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.0.1-6.rhaos4.11.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"product": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"product_id": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.0.1-6.rhaos4.11.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"product_id": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.0.1-6.rhaos4.11.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product_id": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product_id": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.24.6-2.rhaos4.11.git4bfe15a.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"product_id": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.11.0-202306260054.p0.g990d55b.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"product": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"product_id": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_id": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.0.2-7.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"product": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"product_id": "runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.1.2-2.rhaos4.11.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"product": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"product_id": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.1.2-2.rhaos4.11.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"product": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"product_id": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.1.2-2.rhaos4.11.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"product": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_id": "skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.5.2-4.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"product": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_id": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.5.2-4.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"product": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_id": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.5.2-4.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_id": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.5.2-4.rhaos4.11.el8?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"product": {
"name": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"product_id": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"product": {
"name": "openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"product_id": "openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product": {
"name": "openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_id": "openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.11.0-202306280915.p0.gc732699.assembly.stream.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product": {
"name": "openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_id": "openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@4.11.0-202306280915.p0.gc732699.assembly.stream.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product": {
"name": "openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_id": "openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.11.0-202306280915.p0.gc732699.assembly.stream.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product": {
"name": "python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_id": "python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.11.0-202306280915.p0.gc732699.assembly.stream.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"product": {
"name": "podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"product_id": "podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@4.0.2-7.rhaos4.11.el8?arch=noarch\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64"
},
"product_reference": "buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x"
},
"product_reference": "buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src"
},
"product_reference": "buildah-1:1.23.4-3.rhaos4.11.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-1:1.23.4-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64"
},
"product_reference": "buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64"
},
"product_reference": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x"
},
"product_reference": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64"
},
"product_reference": "buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64"
},
"product_reference": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x"
},
"product_reference": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64"
},
"product_reference": "buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64"
},
"product_reference": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x"
},
"product_reference": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64"
},
"product_reference": "buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64"
},
"product_reference": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x"
},
"product_reference": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64"
},
"product_reference": "buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64"
},
"product_reference": "conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x"
},
"product_reference": "conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src"
},
"product_reference": "conmon-2:2.1.2-3.rhaos4.11.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.1.2-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64"
},
"product_reference": "conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64"
},
"product_reference": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x"
},
"product_reference": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64"
},
"product_reference": "conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64"
},
"product_reference": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le"
},
"product_reference": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x"
},
"product_reference": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64"
},
"product_reference": "conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64"
},
"product_reference": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x"
},
"product_reference": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src"
},
"product_reference": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64"
},
"product_reference": "containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x"
},
"product_reference": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64"
},
"product_reference": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le"
},
"product_reference": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x"
},
"product_reference": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src"
},
"product_reference": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64"
},
"product_reference": "cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64"
},
"product_reference": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64"
},
"product_reference": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src"
},
"product_reference": "openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch"
},
"product_reference": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src"
},
"product_reference": "openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch"
},
"product_reference": "openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x"
},
"product_reference": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src"
},
"product_reference": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64"
},
"product_reference": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src"
},
"product_reference": "openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch"
},
"product_reference": "openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch"
},
"product_reference": "openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch"
},
"product_reference": "openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src"
},
"product_reference": "podman-2:4.0.2-7.rhaos4.11.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch"
},
"product_reference": "podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64"
},
"product_reference": "podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le"
},
"product_reference": "podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x"
},
"product_reference": "podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64"
},
"product_reference": "podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch"
},
"product_reference": "python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64"
},
"product_reference": "runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le"
},
"product_reference": "runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x"
},
"product_reference": "runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src"
},
"product_reference": "runc-3:1.1.2-2.rhaos4.11.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-3:1.1.2-2.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64"
},
"product_reference": "runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64"
},
"product_reference": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le"
},
"product_reference": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x"
},
"product_reference": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64"
},
"product_reference": "runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64"
},
"product_reference": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le"
},
"product_reference": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x"
},
"product_reference": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64"
},
"product_reference": "runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64"
},
"product_reference": "skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le"
},
"product_reference": "skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x"
},
"product_reference": "skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.src as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src"
},
"product_reference": "skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64"
},
"product_reference": "skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x"
},
"product_reference": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64"
},
"product_reference": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le"
},
"product_reference": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x"
},
"product_reference": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.11",
"product_id": "8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
},
"product_reference": "skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23772",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-02-11T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2053532"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23772"
},
{
"category": "external",
"summary": "RHBZ#2053532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
"url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
}
],
"release_date": "2022-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString"
},
{
"cve": "CVE-2022-24675",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2022-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2077688"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: encoding/pem: fix stack overflow in Decode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-24675"
},
{
"category": "external",
"summary": "RHBZ#2077688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
}
],
"release_date": "2022-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: encoding/pem: fix stack overflow in Decode"
},
{
"cve": "CVE-2022-28327",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2077689"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: panic caused by oversized scalar",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "RHBZ#2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
}
],
"release_date": "2022-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: panic caused by oversized scalar"
},
{
"cve": "CVE-2022-30629",
"cwe": {
"id": "CWE-331",
"name": "Insufficient Entropy"
},
"discovery_date": "2022-06-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2092793"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: session tickets lack random ticket_age_add",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30629"
},
{
"category": "external",
"summary": "RHBZ#2092793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg",
"url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg"
}
],
"release_date": "2022-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: crypto/tls: session tickets lack random ticket_age_add"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
},
{
"acknowledgments": [
{
"names": [
"David Benoit"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2023-3089",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2023-06-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2212085"
}
],
"notes": [
{
"category": "description",
"text": "A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift: OCP \u0026 FIPS mode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-001\n\nThe static scanning tool (to verify your system is once again compliant with FIPS) is available here https://github.com/openshift/check-payload",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3089"
},
{
"category": "external",
"summary": "RHBZ#2212085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212085"
},
{
"category": "external",
"summary": "RHSB-2023-001",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-001"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3089",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3089"
}
],
"release_date": "2023-07-05T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected packages as soon as possible.",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openshift: OCP \u0026 FIPS mode"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-24540",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196027"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set \"\\t\\n\\f\\r\\u0020\\u2028\\u2029\" in JavaScript contexts that also contain actions may not be properly sanitized during execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of JavaScript whitespace",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24540"
},
{
"category": "external",
"summary": "RHBZ#2196027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196027"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540"
},
{
"category": "external",
"summary": "https://go.dev/issue/59721",
"url": "https://go.dev/issue/59721"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-06T02:47:40+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:buildah-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-debugsource-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:buildah-tests-debuginfo-1:1.23.4-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:conmon-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debuginfo-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:conmon-debugsource-2:2.1.2-3.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:containernetworking-plugins-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debuginfo-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:containernetworking-plugins-debugsource-0:1.0.1-6.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.src",
"8Base-RHOSE-4.11:cri-o-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debuginfo-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.aarch64",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.ppc64le",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.s390x",
"8Base-RHOSE-4.11:cri-o-debugsource-0:1.24.6-2.rhaos4.11.git4bfe15a.el8.x86_64",
"8Base-RHOSE-4.11:openshift-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-ansible-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-ansible-test-0:4.11.0-202306230041.p0.g0a466d7.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-clients-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-clients-redistributable-0:4.11.0-202306231116.p0.g2ae2303.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.aarch64",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.ppc64le",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.s390x",
"8Base-RHOSE-4.11:openshift-hyperkube-0:4.11.0-202306260054.p0.g990d55b.assembly.stream.el8.x86_64",
"8Base-RHOSE-4.11:openshift-kuryr-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.src",
"8Base-RHOSE-4.11:openshift-kuryr-cni-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-common-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:openshift-kuryr-controller-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:podman-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-catatonit-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-debugsource-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-docker-2:4.0.2-7.rhaos4.11.el8.noarch",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-gvproxy-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-plugins-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-remote-debuginfo-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:podman-tests-2:4.0.2-7.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:python3-kuryr-kubernetes-0:4.11.0-202306280915.p0.gc732699.assembly.stream.el8.noarch",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:runc-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debuginfo-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:runc-debugsource-3:1.1.2-2.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.src",
"8Base-RHOSE-4.11:skopeo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debuginfo-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-debugsource-2:1.5.2-4.rhaos4.11.el8.x86_64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.aarch64",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.ppc64le",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.s390x",
"8Base-RHOSE-4.11:skopeo-tests-2:1.5.2-4.rhaos4.11.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: html/template: improper handling of JavaScript whitespace"
}
]
}
RHSA-2023:4003
Vulnerability from csaf_redhat - Published: 2023-07-10 09:56 - Updated: 2026-06-04 17:40Summary
Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update
Severity
Moderate
Notes
Topic: This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud.
A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application Interconnect enables me to create a service network and it allows geographically distributed services to connect as if they were all running in the same site.
Security Fix(es):
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)
* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)
* golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)
* golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (CVE-2023-24536)
* golang: go/parser: Infinite loop in parsing (CVE-2023-24537)
* golang: html/template: backticks not treated as string delimiters (CVE-2023-24538)
* golang: html/template: improper sanitization of CSS values (CVE-2023-24539)
* golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
6.5 (Medium)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Vendor Fix
fix
|
Known not affected
45 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Threats
Impact
Moderate
A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — | ||
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.
9.8 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.
7.3 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr={{.}}") executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.
7.3 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch | — |
Workaround
|
Threats
Impact
Moderate
References
96 references
Acknowledgments
ADA Logics
Adam Korczynski
OSS-Fuzz
Head of Research, Oxeye
Daniel Abeles
Security Researcher, Oxeye
Gal Goldstein
Catena Cyber
Philippe Antoine
Mattermost
Juho Nurminen
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is release 1.4 of the rpms for Red Hat Service Interconnect. Red Hat Service Interconnect 1.4 introduces a service network, linking TCP and HTTP services across the hybrid cloud.\nA service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they were all running in the same site.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application Interconnect enables me to create a service network and it allows geographically distributed services to connect as if they were all running in the same site.\n\nSecurity Fix(es):\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* golang: crypto/tls: large handshake records may cause panics (CVE-2022-41724)\n\n* golang: net/http, mime/multipart: denial of service from excessive resource consumption (CVE-2022-41725)\n\n* golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)\n\n* golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (CVE-2023-24536)\n\n* golang: go/parser: Infinite loop in parsing (CVE-2023-24537)\n\n* golang: html/template: backticks not treated as string delimiters (CVE-2023-24538)\n\n* golang: html/template: improper sanitization of CSS values (CVE-2023-24539)\n\n* golang: html/template: improper handling of empty HTML attributes (CVE-2023-29400)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:4003",
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_service_interconnect",
"url": "https://access.redhat.com/documentation/en-us/red_hat_service_interconnect"
},
{
"category": "external",
"summary": "2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "2184481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481"
},
{
"category": "external",
"summary": "2184482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482"
},
{
"category": "external",
"summary": "2184483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
},
{
"category": "external",
"summary": "2184484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484"
},
{
"category": "external",
"summary": "2196026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196026"
},
{
"category": "external",
"summary": "2196029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196029"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_4003.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Service Interconnect 1.4 Release security update",
"tracking": {
"current_release_date": "2026-06-04T17:40:30+00:00",
"generator": {
"date": "2026-06-04T17:40:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:4003",
"initial_release_date": "2023-07-10T09:56:57+00:00",
"revision_history": [
{
"date": "2023-07-10T09:56:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-07-10T09:56:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-04T17:40:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Service Interconnect",
"product": {
"name": "Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_interconnect:1::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Service Interconnect 1",
"product": {
"name": "Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_interconnect:1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Service Interconnect"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebsockets-0:4.3.1-1.el8ai.src",
"product": {
"name": "libwebsockets-0:4.3.1-1.el8ai.src",
"product_id": "libwebsockets-0:4.3.1-1.el8ai.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets@4.3.1-1.el8ai?arch=src"
}
}
},
{
"category": "product_version",
"name": "skupper-router-0:2.4.1-2.el8.src",
"product": {
"name": "skupper-router-0:2.4.1-2.el8.src",
"product_id": "skupper-router-0:2.4.1-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router@2.4.1-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.37.0-2.el8ai.src",
"product": {
"name": "qpid-proton-0:0.37.0-2.el8ai.src",
"product_id": "qpid-proton-0:0.37.0-2.el8ai.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.37.0-2.el8ai?arch=src"
}
}
},
{
"category": "product_version",
"name": "skupper-cli-0:1.4.1-2.el8.src",
"product": {
"name": "skupper-cli-0:1.4.1-2.el8.src",
"product_id": "skupper-cli-0:1.4.1-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-cli@1.4.1-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-0:4.3.1-1.el9ai.src",
"product": {
"name": "libwebsockets-0:4.3.1-1.el9ai.src",
"product_id": "libwebsockets-0:4.3.1-1.el9ai.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets@4.3.1-1.el9ai?arch=src"
}
}
},
{
"category": "product_version",
"name": "skupper-router-0:2.4.1-2.el9.src",
"product": {
"name": "skupper-router-0:2.4.1-2.el9.src",
"product_id": "skupper-router-0:2.4.1-2.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router@2.4.1-2.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.37.0-2.el9ai.src",
"product": {
"name": "qpid-proton-0:0.37.0-2.el9ai.src",
"product_id": "qpid-proton-0:0.37.0-2.el9ai.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.37.0-2.el9ai?arch=src"
}
}
},
{
"category": "product_version",
"name": "jsoncpp-0:1.9.4-3.el9.src",
"product": {
"name": "jsoncpp-0:1.9.4-3.el9.src",
"product_id": "jsoncpp-0:1.9.4-3.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jsoncpp@1.9.4-3.el9?arch=src"
}
}
},
{
"category": "product_version",
"name": "skupper-cli-0:1.4.1-2.el9.src",
"product": {
"name": "skupper-cli-0:1.4.1-2.el9.src",
"product_id": "skupper-cli-0:1.4.1-2.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-cli@1.4.1-2.el9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebsockets-0:4.3.1-1.el8ai.x86_64",
"product": {
"name": "libwebsockets-0:4.3.1-1.el8ai.x86_64",
"product_id": "libwebsockets-0:4.3.1-1.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets@4.3.1-1.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"product": {
"name": "libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"product_id": "libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-devel@4.3.1-1.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"product": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"product_id": "libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debugsource@4.3.1-1.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"product": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"product_id": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debuginfo@4.3.1-1.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-router-0:2.4.1-2.el8.x86_64",
"product": {
"name": "skupper-router-0:2.4.1-2.el8.x86_64",
"product_id": "skupper-router-0:2.4.1-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router@2.4.1-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"product": {
"name": "skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"product_id": "skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-debugsource@2.4.1-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"product": {
"name": "skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"product_id": "skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-debuginfo@2.4.1-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"product_id": "python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"product_id": "qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"product_id": "qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"product_id": "qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debugsource@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_id": "python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton-debuginfo@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_id": "qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-debuginfo@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_id": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-debuginfo@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product": {
"name": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_id": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debuginfo@0.37.0-2.el8ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-cli-0:1.4.1-2.el8.x86_64",
"product": {
"name": "skupper-cli-0:1.4.1-2.el8.x86_64",
"product_id": "skupper-cli-0:1.4.1-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-cli@1.4.1-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-0:4.3.1-1.el9ai.x86_64",
"product": {
"name": "libwebsockets-0:4.3.1-1.el9ai.x86_64",
"product_id": "libwebsockets-0:4.3.1-1.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets@4.3.1-1.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"product": {
"name": "libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"product_id": "libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-devel@4.3.1-1.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"product": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"product_id": "libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debugsource@4.3.1-1.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"product": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"product_id": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debuginfo@4.3.1-1.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-router-0:2.4.1-2.el9.x86_64",
"product": {
"name": "skupper-router-0:2.4.1-2.el9.x86_64",
"product_id": "skupper-router-0:2.4.1-2.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router@2.4.1-2.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"product": {
"name": "skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"product_id": "skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-debugsource@2.4.1-2.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"product": {
"name": "skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"product_id": "skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-debuginfo@2.4.1-2.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"product_id": "python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-devel@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debugsource@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_id": "python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton-debuginfo@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-debuginfo@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-debuginfo@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product": {
"name": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_id": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debuginfo@0.37.0-2.el9ai?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jsoncpp-0:1.9.4-3.el9.x86_64",
"product": {
"name": "jsoncpp-0:1.9.4-3.el9.x86_64",
"product_id": "jsoncpp-0:1.9.4-3.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jsoncpp@1.9.4-3.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"product": {
"name": "jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"product_id": "jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jsoncpp-devel@1.9.4-3.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"product": {
"name": "jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"product_id": "jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jsoncpp-debugsource@1.9.4-3.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"product": {
"name": "jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"product_id": "jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jsoncpp-debuginfo@1.9.4-3.el9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skupper-cli-0:1.4.1-2.el9.x86_64",
"product": {
"name": "skupper-cli-0:1.4.1-2.el9.x86_64",
"product_id": "skupper-cli-0:1.4.1-2.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-cli@1.4.1-2.el9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libwebsockets-0:4.3.1-1.el8ai.aarch64",
"product": {
"name": "libwebsockets-0:4.3.1-1.el8ai.aarch64",
"product_id": "libwebsockets-0:4.3.1-1.el8ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets@4.3.1-1.el8ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"product": {
"name": "libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"product_id": "libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-devel@4.3.1-1.el8ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"product": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"product_id": "libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debugsource@4.3.1-1.el8ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"product": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"product_id": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debuginfo@4.3.1-1.el8ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-0:4.3.1-1.el9ai.aarch64",
"product": {
"name": "libwebsockets-0:4.3.1-1.el9ai.aarch64",
"product_id": "libwebsockets-0:4.3.1-1.el9ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets@4.3.1-1.el9ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"product": {
"name": "libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"product_id": "libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-devel@4.3.1-1.el9ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"product": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"product_id": "libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debugsource@4.3.1-1.el9ai?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"product": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"product_id": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwebsockets-debuginfo@4.3.1-1.el9ai?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "skupper-router-common-0:2.4.1-2.el8.noarch",
"product": {
"name": "skupper-router-common-0:2.4.1-2.el8.noarch",
"product_id": "skupper-router-common-0:2.4.1-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-common@2.4.1-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "skupper-router-docs-0:2.4.1-2.el8.noarch",
"product": {
"name": "skupper-router-docs-0:2.4.1-2.el8.noarch",
"product_id": "skupper-router-docs-0:2.4.1-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-docs@2.4.1-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "skupper-router-tools-0:2.4.1-2.el8.noarch",
"product": {
"name": "skupper-router-tools-0:2.4.1-2.el8.noarch",
"product_id": "skupper-router-tools-0:2.4.1-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-tools@2.4.1-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "skupper-router-common-0:2.4.1-2.el9.noarch",
"product": {
"name": "skupper-router-common-0:2.4.1-2.el9.noarch",
"product_id": "skupper-router-common-0:2.4.1-2.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-common@2.4.1-2.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "skupper-router-docs-0:2.4.1-2.el9.noarch",
"product": {
"name": "skupper-router-docs-0:2.4.1-2.el9.noarch",
"product_id": "skupper-router-docs-0:2.4.1-2.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-docs@2.4.1-2.el9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "skupper-router-tools-0:2.4.1-2.el9.noarch",
"product": {
"name": "skupper-router-tools-0:2.4.1-2.el9.noarch",
"product_id": "skupper-router-tools-0:2.4.1-2.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skupper-router-tools@2.4.1-2.el9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-0:4.3.1-1.el8ai.aarch64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64"
},
"product_reference": "libwebsockets-0:4.3.1-1.el8ai.aarch64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-0:4.3.1-1.el8ai.src as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src"
},
"product_reference": "libwebsockets-0:4.3.1-1.el8ai.src",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-0:4.3.1-1.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64"
},
"product_reference": "libwebsockets-0:4.3.1-1.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64"
},
"product_reference": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64"
},
"product_reference": "libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64"
},
"product_reference": "libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64"
},
"product_reference": "libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-devel-0:4.3.1-1.el8ai.aarch64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64"
},
"product_reference": "libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-devel-0:4.3.1-1.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64"
},
"product_reference": "libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.37.0-2.el8ai.src as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src"
},
"product_reference": "qpid-proton-0:0.37.0-2.el8ai.src",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64"
},
"product_reference": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-cli-0:1.4.1-2.el8.src as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src"
},
"product_reference": "skupper-cli-0:1.4.1-2.el8.src",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-cli-0:1.4.1-2.el8.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64"
},
"product_reference": "skupper-cli-0:1.4.1-2.el8.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-0:2.4.1-2.el8.src as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src"
},
"product_reference": "skupper-router-0:2.4.1-2.el8.src",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-0:2.4.1-2.el8.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64"
},
"product_reference": "skupper-router-0:2.4.1-2.el8.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-common-0:2.4.1-2.el8.noarch as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch"
},
"product_reference": "skupper-router-common-0:2.4.1-2.el8.noarch",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-debuginfo-0:2.4.1-2.el8.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64"
},
"product_reference": "skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-debugsource-0:2.4.1-2.el8.x86_64 as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64"
},
"product_reference": "skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-docs-0:2.4.1-2.el8.noarch as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch"
},
"product_reference": "skupper-router-docs-0:2.4.1-2.el8.noarch",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-tools-0:2.4.1-2.el8.noarch as a component of Red Hat Service Interconnect",
"product_id": "8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch"
},
"product_reference": "skupper-router-tools-0:2.4.1-2.el8.noarch",
"relates_to_product_reference": "8Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jsoncpp-0:1.9.4-3.el9.src as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src"
},
"product_reference": "jsoncpp-0:1.9.4-3.el9.src",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jsoncpp-0:1.9.4-3.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64"
},
"product_reference": "jsoncpp-0:1.9.4-3.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64"
},
"product_reference": "jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jsoncpp-debugsource-0:1.9.4-3.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64"
},
"product_reference": "jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jsoncpp-devel-0:1.9.4-3.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64"
},
"product_reference": "jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-0:4.3.1-1.el9ai.aarch64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64"
},
"product_reference": "libwebsockets-0:4.3.1-1.el9ai.aarch64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-0:4.3.1-1.el9ai.src as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src"
},
"product_reference": "libwebsockets-0:4.3.1-1.el9ai.src",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-0:4.3.1-1.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64"
},
"product_reference": "libwebsockets-0:4.3.1-1.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64"
},
"product_reference": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64"
},
"product_reference": "libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64"
},
"product_reference": "libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64"
},
"product_reference": "libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-devel-0:4.3.1-1.el9ai.aarch64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64"
},
"product_reference": "libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwebsockets-devel-0:4.3.1-1.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64"
},
"product_reference": "libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.37.0-2.el9ai.src as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src"
},
"product_reference": "qpid-proton-0:0.37.0-2.el9ai.src",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64"
},
"product_reference": "rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-cli-0:1.4.1-2.el9.src as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src"
},
"product_reference": "skupper-cli-0:1.4.1-2.el9.src",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-cli-0:1.4.1-2.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
},
"product_reference": "skupper-cli-0:1.4.1-2.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-0:2.4.1-2.el9.src as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src"
},
"product_reference": "skupper-router-0:2.4.1-2.el9.src",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-0:2.4.1-2.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64"
},
"product_reference": "skupper-router-0:2.4.1-2.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-common-0:2.4.1-2.el9.noarch as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch"
},
"product_reference": "skupper-router-common-0:2.4.1-2.el9.noarch",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-debuginfo-0:2.4.1-2.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64"
},
"product_reference": "skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-debugsource-0:2.4.1-2.el9.x86_64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64"
},
"product_reference": "skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-docs-0:2.4.1-2.el9.noarch as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch"
},
"product_reference": "skupper-router-docs-0:2.4.1-2.el9.noarch",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skupper-router-tools-0:2.4.1-2.el9.noarch as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
},
"product_reference": "skupper-router-tools-0:2.4.1-2.el9.noarch",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\n\nThis flaw additionally affects the github.com/vbatts/tar-split library and was fixed in v0.12.1.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1",
"url": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-28327",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-04-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2077689"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: panic caused by oversized scalar",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "RHBZ#2077689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
"url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
}
],
"release_date": "2022-04-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: panic caused by oversized scalar"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2022-41724",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178492"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: large handshake records may cause panics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a denial of service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "RHBZ#2178492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41724"
},
{
"category": "external",
"summary": "https://go.dev/cl/468125",
"url": "https://go.dev/cl/468125"
},
{
"category": "external",
"summary": "https://go.dev/issue/58001",
"url": "https://go.dev/issue/58001"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1570",
"url": "https://pkg.go.dev/vuln/GO-2023-1570"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: large handshake records may cause panics"
},
{
"cve": "CVE-2022-41725",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178488"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go, where it is vulnerable to a denial of service caused by an excessive resource consumption flaw in the net/http and mime/multipart packages. By sending a specially-crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "RHBZ#2178488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41725"
},
{
"category": "external",
"summary": "https://go.dev/cl/468124",
"url": "https://go.dev/cl/468124"
},
{
"category": "external",
"summary": "https://go.dev/issue/58006",
"url": "https://go.dev/issue/58006"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1569",
"url": "https://pkg.go.dev/vuln/GO-2023-1569"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-24534",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184483"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto: denial of service from excessive memory allocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24534"
},
{
"category": "external",
"summary": "RHBZ#2184483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534"
},
{
"category": "external",
"summary": "https://go.dev/issue/58975",
"url": "https://go.dev/issue/58975"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto: denial of service from excessive memory allocation"
},
{
"cve": "CVE-2023-24536",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses Go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not-affected.\n* The CVE refers to multipart form parsing routine mime/multipart.Reader.ReadForm, which is not used in Grafana, hence it is not-affected.\n* Butane does not parse multipart forms, hence, it is also not-affected.\nRedhat has marked this vulnerability as moderate as this vulnerability could lead to a potential denial of service when all the resource of a system is consumed which is technically not a clear case of denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24536"
},
{
"category": "external",
"summary": "RHBZ#2184482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536"
},
{
"category": "external",
"summary": "https://go.dev/issue/59153",
"url": "https://go.dev/issue/59153"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption"
},
{
"cve": "CVE-2023-24537",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: go/parser: Infinite loop in parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Moderate because it allows denial of service condition in Go\u2019s source code parser when processing specially crafted input containing //line directives with excessively large line numbers. Exploitation can cause the parser to enter an infinite loop, consuming CPU resources and rendering services unresponsive. While this issue does not permit code execution or data access, it poses a significant availability impact for systems processing untrusted Go source input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24537"
},
{
"category": "external",
"summary": "RHBZ#2184484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59180",
"url": "https://github.com/golang/go/issues/59180"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "workaround",
"details": "To mitigate this issue, upgrade Go to version 1.19.8, 1.20.3, or later, where the vulnerability has been addressed.",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: go/parser: Infinite loop in parsing"
},
{
"cve": "CVE-2023-24538",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2184481"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: backticks not treated as string delimiters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The described issue involving Go templates and JavaScript template literals poses a moderate severity rather than an important one due to several mitigating factors. Firstly, the vulnerability requires specific conditions to be met: the presence of Go templates within JavaScript template literals. This limits the scope of affected codebases, reducing the likelihood of exploitation. Additionally, the decision to disallow such interactions in future releases of Go indicates a proactive approach to addressing the issue. Furthermore, the affected packages or components within Red Hat Enterprise Linux, such as Conmon, Grafana, and the RHC package, have been assessed and determined not to be impacted due to their specific usage patterns. So the limited scope of affected systems and the absence of exploitation vectors in specific components within Red Hat Enterprise Linux contribute to categorizing the severity of the issue as moderate.\n\nFor Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* The rhc package do not make use of html/template. Hence, it is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24538"
},
{
"category": "external",
"summary": "RHBZ#2184481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59234",
"url": "https://github.com/golang/go/issues/59234"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
"url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
}
],
"release_date": "2023-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: backticks not treated as string delimiters"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-24539",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196026"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang where angle brackets (\u003c\u003e) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a \u0027/\u0027 character could result in the CSS context unexpectedly closing, allowing for the injection of unexpected HMTL if executed with untrusted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper sanitization of CSS values",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore, the impact is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24539"
},
{
"category": "external",
"summary": "RHBZ#2196026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196026"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24539"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/59720",
"url": "https://github.com/golang/go/issues/59720"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper sanitization of CSS values"
},
{
"acknowledgments": [
{
"names": [
"Juho Nurminen"
],
"organization": "Mattermost"
}
],
"cve": "CVE-2023-29400",
"cwe": {
"id": "CWE-176",
"name": "Improper Handling of Unicode Encoding"
},
"discovery_date": "2023-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2196029"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, \"attr={{.}}\") executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into tags.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of empty HTML attributes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, not in the actual code. Thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn OpenShift Container Platform and Red Hat Advanced Cluster Management for Kubernetes (RHACM), the affected containers are behind OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users, reducing the impact to low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"known_not_affected": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29400"
},
{
"category": "external",
"summary": "RHBZ#2196029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29400"
},
{
"category": "external",
"summary": "https://go.dev/issue/59722",
"url": "https://go.dev/issue/59722"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
"url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
}
],
"release_date": "2023-04-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-07-10T09:56:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.src",
"8Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.aarch64",
"8Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el8ai.src",
"8Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el8ai.x86_64",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.src",
"8Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el8.x86_64",
"8Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el8.noarch",
"8Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el8.noarch",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.src",
"9Base-Service-Interconnect-1:jsoncpp-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debuginfo-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-debugsource-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:jsoncpp-devel-0:1.9.4-3.el9.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.src",
"9Base-Service-Interconnect-1:libwebsockets-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debuginfo-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-debugsource-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.aarch64",
"9Base-Service-Interconnect-1:libwebsockets-devel-0:4.3.1-1.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:python3-qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-0:0.37.0-2.el9ai.src",
"9Base-Service-Interconnect-1:qpid-proton-c-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-c-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-cpp-devel-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:qpid-proton-debugsource-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:rubygem-qpid_proton-debuginfo-0:0.37.0-2.el9ai.x86_64",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-cli-0:1.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.src",
"9Base-Service-Interconnect-1:skupper-router-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-common-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-debuginfo-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-debugsource-0:2.4.1-2.el9.x86_64",
"9Base-Service-Interconnect-1:skupper-router-docs-0:2.4.1-2.el9.noarch",
"9Base-Service-Interconnect-1:skupper-router-tools-0:2.4.1-2.el9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of empty HTML attributes"
}
]
}
SSA-744259
Vulnerability from csaf_siemens - Published: 2023-02-14 00:00 - Updated: 2023-02-14 00:00Summary
SSA-744259: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1
Notes
Summary: Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS).
Siemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the latest version.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
CWE-20
- Improper Input Validation
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
CWE-668
- Exposure of Resource to Wrong Sphere
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
CWE-770
- Allocation of Resources Without Limits or Throttling
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
V1.10.1 |
Vendor Fix
|
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
CWE-295
- Improper Certificate Validation
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
V1.10.1 |
Vendor Fix
|
CWE-20
- Improper Input Validation
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
< V1.10 |
Vendor Fix
|
|
|
Brownfield Connectivity - Gateway
Siemens / Brownfield Connectivity - Gateway
|
V1.10.1 |
Vendor Fix
|
References
3 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"notes": [
{
"category": "summary",
"text": "Siemens has released a new version for Brownfield Connectivity - Gateway that contains fixes for multiple vulnerabilities in the underlying Golang implementation. Successful exploitation of these vulnerabilities could lead to Denial of Service (DoS).\n\nSiemens has released an update for Brownfield Connectivity - Gateway and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-744259: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1 - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
},
{
"category": "self",
"summary": "SSA-744259: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1 - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-744259.txt"
},
{
"category": "self",
"summary": "SSA-744259: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-744259.json"
}
],
"title": "SSA-744259: Golang Vulnerabilities in Brownfield Connectivity - Gateway before V1.10.1",
"tracking": {
"current_release_date": "2023-02-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-744259",
"initial_release_date": "2023-02-14T00:00:00Z",
"revision_history": [
{
"date": "2023-02-14T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c V1.10",
"product": {
"name": "Brownfield Connectivity - Gateway",
"product_id": "1"
}
},
{
"category": "product_version_range",
"name": "V1.10.1",
"product": {
"name": "Brownfield Connectivity - Gateway",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "Brownfield Connectivity - Gateway"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41771",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-44716",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-44716"
},
{
"cve": "CVE-2021-44717",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "summary",
"text": "Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-44717"
},
{
"cve": "CVE-2022-24675",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24921",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-24921"
},
{
"cve": "CVE-2022-27536",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-28327",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V1.11 or later version\nContact customer support to obtain the update \u003chttps://support.industry.siemens.com/cs/de/de/view/109801700\u003e",
"product_ids": [
"1",
"2"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-28327"
}
]
}
SUSE-SU-2022:1410-1
Vulnerability from csaf_suse - Published: 2022-04-26 15:48 - Updated: 2022-04-26 15:48Summary
Security update for go1.18
Severity
Moderate
Notes
Title of the patch: Security update for go1.18
Description of the patch: This update for go1.18 fixes the following issues:
- CVE-2022-24675: Fixed a stack overlow in Decode() in encoding/pem (bsc#1198423).
- CVE-2022-28327: Fixed a crash due to refused oversized scalars in generic P-256 (bsc#1198424).
- CVE-2022-27536: Fixed a crash in Certificate.Verify in crypto/x509 (bsc#1198427).
Bump go1.18 (bsc#1193742)
Patchnames: SUSE-2022-1410,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1410,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1410,openSUSE-SLE-15.3-2022-1410,openSUSE-SLE-15.4-2022-1410
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.18",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.18 fixes the following issues:\n\n- CVE-2022-24675: Fixed a stack overlow in Decode() in encoding/pem (bsc#1198423).\n- CVE-2022-28327: Fixed a crash due to refused oversized scalars in generic P-256 (bsc#1198424).\n- CVE-2022-27536: Fixed a crash in Certificate.Verify in crypto/x509 (bsc#1198427).\n \nBump go1.18 (bsc#1193742)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1410,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1410,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1410,openSUSE-SLE-15.3-2022-1410,openSUSE-SLE-15.4-2022-1410",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1410-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1410-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221410-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1410-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010838.html"
},
{
"category": "self",
"summary": "SUSE Bug 1183043",
"url": "https://bugzilla.suse.com/1183043"
},
{
"category": "self",
"summary": "SUSE Bug 1193742",
"url": "https://bugzilla.suse.com/1193742"
},
{
"category": "self",
"summary": "SUSE Bug 1198423",
"url": "https://bugzilla.suse.com/1198423"
},
{
"category": "self",
"summary": "SUSE Bug 1198424",
"url": "https://bugzilla.suse.com/1198424"
},
{
"category": "self",
"summary": "SUSE Bug 1198427",
"url": "https://bugzilla.suse.com/1198427"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-24675 page",
"url": "https://www.suse.com/security/cve/CVE-2022-24675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27536 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28327 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28327/"
}
],
"title": "Security update for go1.18",
"tracking": {
"current_release_date": "2022-04-26T15:48:39Z",
"generator": {
"date": "2022-04-26T15:48:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1410-1",
"initial_release_date": "2022-04-26T15:48:39Z",
"revision_history": [
{
"date": "2022-04-26T15:48:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.18-1.18.1-150000.1.11.1.aarch64",
"product": {
"name": "go1.18-1.18.1-150000.1.11.1.aarch64",
"product_id": "go1.18-1.18.1-150000.1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"product": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"product_id": "go1.18-doc-1.18.1-150000.1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.18-race-1.18.1-150000.1.11.1.aarch64",
"product": {
"name": "go1.18-race-1.18.1-150000.1.11.1.aarch64",
"product_id": "go1.18-race-1.18.1-150000.1.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-1.18.1-150000.1.11.1.i586",
"product": {
"name": "go1.18-1.18.1-150000.1.11.1.i586",
"product_id": "go1.18-1.18.1-150000.1.11.1.i586"
}
},
{
"category": "product_version",
"name": "go1.18-doc-1.18.1-150000.1.11.1.i586",
"product": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.i586",
"product_id": "go1.18-doc-1.18.1-150000.1.11.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-1.18.1-150000.1.11.1.ppc64le",
"product": {
"name": "go1.18-1.18.1-150000.1.11.1.ppc64le",
"product_id": "go1.18-1.18.1-150000.1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"product": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"product_id": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-1.18.1-150000.1.11.1.s390x",
"product": {
"name": "go1.18-1.18.1-150000.1.11.1.s390x",
"product_id": "go1.18-1.18.1-150000.1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.18-doc-1.18.1-150000.1.11.1.s390x",
"product": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.s390x",
"product_id": "go1.18-doc-1.18.1-150000.1.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-1.18.1-150000.1.11.1.x86_64",
"product": {
"name": "go1.18-1.18.1-150000.1.11.1.x86_64",
"product_id": "go1.18-1.18.1-150000.1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"product": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"product_id": "go1.18-doc-1.18.1-150000.1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.18-race-1.18.1-150000.1.11.1.x86_64",
"product": {
"name": "go1.18-race-1.18.1-150000.1.11.1.x86_64",
"product_id": "go1.18-race-1.18.1-150000.1.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-race-1.18.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-race-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-race-1.18.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-race-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-race-1.18.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-race-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-race-1.18.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-race-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-1.18.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-doc-1.18.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-race-1.18.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64"
},
"product_reference": "go1.18-race-1.18.1-150000.1.11.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-race-1.18.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
},
"product_reference": "go1.18-race-1.18.1-150000.1.11.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-24675"
}
],
"notes": [
{
"category": "general",
"text": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-24675",
"url": "https://www.suse.com/security/cve/CVE-2022-24675"
},
{
"category": "external",
"summary": "SUSE Bug 1198423 for CVE-2022-24675",
"url": "https://bugzilla.suse.com/1198423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-26T15:48:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-27536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27536"
}
],
"notes": [
{
"category": "general",
"text": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27536",
"url": "https://www.suse.com/security/cve/CVE-2022-27536"
},
{
"category": "external",
"summary": "SUSE Bug 1198427 for CVE-2022-27536",
"url": "https://bugzilla.suse.com/1198427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-26T15:48:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-28327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28327"
}
],
"notes": [
{
"category": "general",
"text": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28327",
"url": "https://www.suse.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "SUSE Bug 1198424 for CVE-2022-28327",
"url": "https://bugzilla.suse.com/1198424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.3:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.3:go1.18-race-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.ppc64le",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.s390x",
"openSUSE Leap 15.4:go1.18-doc-1.18.1-150000.1.11.1.x86_64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.aarch64",
"openSUSE Leap 15.4:go1.18-race-1.18.1-150000.1.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-26T15:48:39Z",
"details": "moderate"
}
],
"title": "CVE-2022-28327"
}
]
}
SUSE-SU-2022:1411-1
Vulnerability from csaf_suse - Published: 2022-04-26 15:49 - Updated: 2022-04-26 15:49Summary
Security update for go1.17
Severity
Moderate
Notes
Title of the patch: Security update for go1.17
Description of the patch: This update for go1.17 fixes the following issues:
- Updated to version 1.17.9 (bsc#1190649):
- CVE-2022-24675: Fixed a stack overflow via crafted PEM file (bsc#1198423).
- CVE-2022-28327: Fixed a potential panic when using big P-256 scalars in the
crypto/elliptic module (bsc#1198424).
Patchnames: SUSE-2022-1411,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1411,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1411,SUSE-SLE-Product-RT-15-SP2-2022-1411,openSUSE-SLE-15.3-2022-1411,openSUSE-SLE-15.4-2022-1411
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.17",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.17 fixes the following issues:\n\n- Updated to version 1.17.9 (bsc#1190649):\n - CVE-2022-24675: Fixed a stack overflow via crafted PEM file (bsc#1198423).\n - CVE-2022-28327: Fixed a potential panic when using big P-256 scalars in the\n crypto/elliptic module (bsc#1198424).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1411,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1411,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1411,SUSE-SLE-Product-RT-15-SP2-2022-1411,openSUSE-SLE-15.3-2022-1411,openSUSE-SLE-15.4-2022-1411",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1411-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1411-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221411-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1411-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010839.html"
},
{
"category": "self",
"summary": "SUSE Bug 1190649",
"url": "https://bugzilla.suse.com/1190649"
},
{
"category": "self",
"summary": "SUSE Bug 1198423",
"url": "https://bugzilla.suse.com/1198423"
},
{
"category": "self",
"summary": "SUSE Bug 1198424",
"url": "https://bugzilla.suse.com/1198424"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-24675 page",
"url": "https://www.suse.com/security/cve/CVE-2022-24675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28327 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28327/"
}
],
"title": "Security update for go1.17",
"tracking": {
"current_release_date": "2022-04-26T15:49:12Z",
"generator": {
"date": "2022-04-26T15:49:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1411-1",
"initial_release_date": "2022-04-26T15:49:12Z",
"revision_history": [
{
"date": "2022-04-26T15:49:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.9-150000.1.28.1.aarch64",
"product": {
"name": "go1.17-1.17.9-150000.1.28.1.aarch64",
"product_id": "go1.17-1.17.9-150000.1.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"product": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"product_id": "go1.17-doc-1.17.9-150000.1.28.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.9-150000.1.28.1.aarch64",
"product": {
"name": "go1.17-race-1.17.9-150000.1.28.1.aarch64",
"product_id": "go1.17-race-1.17.9-150000.1.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.9-150000.1.28.1.i586",
"product": {
"name": "go1.17-1.17.9-150000.1.28.1.i586",
"product_id": "go1.17-1.17.9-150000.1.28.1.i586"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.9-150000.1.28.1.i586",
"product": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.i586",
"product_id": "go1.17-doc-1.17.9-150000.1.28.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.9-150000.1.28.1.ppc64le",
"product": {
"name": "go1.17-1.17.9-150000.1.28.1.ppc64le",
"product_id": "go1.17-1.17.9-150000.1.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"product": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"product_id": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.9-150000.1.28.1.s390x",
"product": {
"name": "go1.17-1.17.9-150000.1.28.1.s390x",
"product_id": "go1.17-1.17.9-150000.1.28.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.9-150000.1.28.1.s390x",
"product": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.s390x",
"product_id": "go1.17-doc-1.17.9-150000.1.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.17-1.17.9-150000.1.28.1.x86_64",
"product": {
"name": "go1.17-1.17.9-150000.1.28.1.x86_64",
"product_id": "go1.17-1.17.9-150000.1.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"product": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"product_id": "go1.17-doc-1.17.9-150000.1.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.17-race-1.17.9-150000.1.28.1.x86_64",
"product": {
"name": "go1.17-race-1.17.9-150000.1.28.1.x86_64",
"product_id": "go1.17-race-1.17.9-150000.1.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_rt:15:sp2"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP2",
"product_id": "SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.i586 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.i586 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-1.17.9-150000.1.28.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-doc-1.17.9-150000.1.28.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.17-race-1.17.9-150000.1.28.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
},
"product_reference": "go1.17-race-1.17.9-150000.1.28.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-24675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-24675"
}
],
"notes": [
{
"category": "general",
"text": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-24675",
"url": "https://www.suse.com/security/cve/CVE-2022-24675"
},
{
"category": "external",
"summary": "SUSE Bug 1198423 for CVE-2022-24675",
"url": "https://bugzilla.suse.com/1198423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-26T15:49:12Z",
"details": "moderate"
}
],
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-28327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28327"
}
],
"notes": [
{
"category": "general",
"text": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28327",
"url": "https://www.suse.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "SUSE Bug 1198424 for CVE-2022-28327",
"url": "https://bugzilla.suse.com/1198424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP2:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.i586",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.3:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.3:go1.17-race-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.ppc64le",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.s390x",
"openSUSE Leap 15.4:go1.17-doc-1.17.9-150000.1.28.1.x86_64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.aarch64",
"openSUSE Leap 15.4:go1.17-race-1.17.9-150000.1.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-26T15:49:12Z",
"details": "moderate"
}
],
"title": "CVE-2022-28327"
}
]
}
SUSE-SU-2023:2312-1
Vulnerability from csaf_suse - Published: 2023-05-30 06:54 - Updated: 2023-05-30 06:54Summary
Security update for go1.18-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.18-openssl
Description of the patch: This update for go1.18-openssl fixes the following issues:
- Add subpackage go1.x-libstd compiled shared object libstd.so (jsc#PED-1962)
* Main go1.x package included libstd.so in previous versions
* Split libstd.so into subpackage that can be installed standalone
* Continues the slimming down of main go1.x package by 40 Mb
* Experimental and not recommended for general use, Go currently has no ABI
* Upstream Go has not committed to support buildmode=shared long-term
* Do not use in packaging, build static single binaries (the default)
* Upstream Go go1.x binary releases do not include libstd.so
* go1.x Suggests go1.x-libstd so not installed by default Recommends
* go1.x-libstd does not Require: go1.x so can install standalone
* Provides go-libstd unversioned package name
* Fix build step -buildmode=shared std to omit -linkshared
- Packaging improvements:
* go1.x Suggests go1.x-doc so not installed by default Recommends
* Use Group: Development/Languages/Go instead of Other
- Improvements to go1.x packaging spec:
* On Tumbleweed bootstrap with current default gcc13 and gccgo118
* On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap
using go1.x package (%bcond_without gccgo). This is no longer
needed on current SLE-12:Update and removing will consolidate
the build configurations used.
* Change source URLs to go.dev as per Go upstream
* On x86_64 export GOAMD64=v1 as per the current baseline.
At this time forgo GOAMD64=v3 option for x86_64_v3 support.
* On x86_64 %define go_amd64=v1 as current instruction baseline
- Update to version 1.18.10.1 cut from the go1.18-openssl-fips
branch at the revision tagged go1.18.10-1-openssl-fips.
* Merge branch dev.boringcrypto.go1.18 into go1.18-openssl-fips
* Merge go1.18.10 into dev.boringcrypto.go1.18
- go1.18.10 (released 2023-01-10) includes fixes to cgo, the
compiler, the linker, and the crypto/x509, net/http, and syscall
packages.
Refs bsc#1193742 go1.18 release tracking
* go#57705 misc/cgo: backport needed for dlltool fix
* go#57426 crypto/x509: Verify on macOS does not return typed errors
* go#57344 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its 'old' argument.
* go#57338 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices
* go#57213 os: TestLstat failure on Linux Aarch64
* go#57211 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length
* go#57057 cmd/go: remove test dependency on gopkg.in service
* go#57054 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders
* go#57044 cgo: malformed DWARF TagVariable entry
* go#57028 cmd/cgo: Wrong types in compiler errors with clang 14
* go#56833 cmd/link/internal/ppc64: too-far trampoline is reused
* go#56711 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target
* go#56323 net/http: bad handling of HEAD requests with a body
Patchnames: SUSE-2023-2312,SUSE-SLE-Module-Development-Tools-15-SP4-2023-2312,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2312,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-RT-15-SP3-2023-2312,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2312,SUSE-Storage-7.1-2023-2312,openSUSE-SLE-15.4-2023-2312,openSUSE-SLE-15.5-2023-2312
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
66 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
123 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.18-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.18-openssl fixes the following issues:\n\n- Add subpackage go1.x-libstd compiled shared object libstd.so (jsc#PED-1962)\n * Main go1.x package included libstd.so in previous versions\n * Split libstd.so into subpackage that can be installed standalone\n * Continues the slimming down of main go1.x package by 40 Mb\n * Experimental and not recommended for general use, Go currently has no ABI\n * Upstream Go has not committed to support buildmode=shared long-term\n * Do not use in packaging, build static single binaries (the default)\n * Upstream Go go1.x binary releases do not include libstd.so\n * go1.x Suggests go1.x-libstd so not installed by default Recommends\n * go1.x-libstd does not Require: go1.x so can install standalone\n * Provides go-libstd unversioned package name\n * Fix build step -buildmode=shared std to omit -linkshared\n- Packaging improvements:\n * go1.x Suggests go1.x-doc so not installed by default Recommends\n * Use Group: Development/Languages/Go instead of Other\n\n- Improvements to go1.x packaging spec:\n * On Tumbleweed bootstrap with current default gcc13 and gccgo118\n * On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap\n using go1.x package (%bcond_without gccgo). This is no longer\n needed on current SLE-12:Update and removing will consolidate\n the build configurations used.\n * Change source URLs to go.dev as per Go upstream\n * On x86_64 export GOAMD64=v1 as per the current baseline.\n At this time forgo GOAMD64=v3 option for x86_64_v3 support.\n * On x86_64 %define go_amd64=v1 as current instruction baseline\n\n- Update to version 1.18.10.1 cut from the go1.18-openssl-fips\n branch at the revision tagged go1.18.10-1-openssl-fips.\n * Merge branch dev.boringcrypto.go1.18 into go1.18-openssl-fips\n * Merge go1.18.10 into dev.boringcrypto.go1.18\n\n- go1.18.10 (released 2023-01-10) includes fixes to cgo, the\n compiler, the linker, and the crypto/x509, net/http, and syscall\n packages.\n Refs bsc#1193742 go1.18 release tracking\n * go#57705 misc/cgo: backport needed for dlltool fix\n * go#57426 crypto/x509: Verify on macOS does not return typed errors\n * go#57344 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its \u0027old\u0027 argument.\n * go#57338 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices\n * go#57213 os: TestLstat failure on Linux Aarch64\n * go#57211 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length\n * go#57057 cmd/go: remove test dependency on gopkg.in service\n * go#57054 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders\n * go#57044 cgo: malformed DWARF TagVariable entry\n * go#57028 cmd/cgo: Wrong types in compiler errors with clang 14\n * go#56833 cmd/link/internal/ppc64: too-far trampoline is reused\n * go#56711 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target\n * go#56323 net/http: bad handling of HEAD requests with a body\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2312,SUSE-SLE-Module-Development-Tools-15-SP4-2023-2312,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2312,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-RT-15-SP3-2023-2312,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2312,SUSE-Storage-7.1-2023-2312,openSUSE-SLE-15.4-2023-2312,openSUSE-SLE-15.5-2023-2312",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2312-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2312-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232312-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2312-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/015005.html"
},
{
"category": "self",
"summary": "SUSE Bug 1183043",
"url": "https://bugzilla.suse.com/1183043"
},
{
"category": "self",
"summary": "SUSE Bug 1193742",
"url": "https://bugzilla.suse.com/1193742"
},
{
"category": "self",
"summary": "SUSE Bug 1198423",
"url": "https://bugzilla.suse.com/1198423"
},
{
"category": "self",
"summary": "SUSE Bug 1198424",
"url": "https://bugzilla.suse.com/1198424"
},
{
"category": "self",
"summary": "SUSE Bug 1198427",
"url": "https://bugzilla.suse.com/1198427"
},
{
"category": "self",
"summary": "SUSE Bug 1199413",
"url": "https://bugzilla.suse.com/1199413"
},
{
"category": "self",
"summary": "SUSE Bug 1200134",
"url": "https://bugzilla.suse.com/1200134"
},
{
"category": "self",
"summary": "SUSE Bug 1200135",
"url": "https://bugzilla.suse.com/1200135"
},
{
"category": "self",
"summary": "SUSE Bug 1200136",
"url": "https://bugzilla.suse.com/1200136"
},
{
"category": "self",
"summary": "SUSE Bug 1200137",
"url": "https://bugzilla.suse.com/1200137"
},
{
"category": "self",
"summary": "SUSE Bug 1201434",
"url": "https://bugzilla.suse.com/1201434"
},
{
"category": "self",
"summary": "SUSE Bug 1201436",
"url": "https://bugzilla.suse.com/1201436"
},
{
"category": "self",
"summary": "SUSE Bug 1201437",
"url": "https://bugzilla.suse.com/1201437"
},
{
"category": "self",
"summary": "SUSE Bug 1201440",
"url": "https://bugzilla.suse.com/1201440"
},
{
"category": "self",
"summary": "SUSE Bug 1201443",
"url": "https://bugzilla.suse.com/1201443"
},
{
"category": "self",
"summary": "SUSE Bug 1201444",
"url": "https://bugzilla.suse.com/1201444"
},
{
"category": "self",
"summary": "SUSE Bug 1201445",
"url": "https://bugzilla.suse.com/1201445"
},
{
"category": "self",
"summary": "SUSE Bug 1201447",
"url": "https://bugzilla.suse.com/1201447"
},
{
"category": "self",
"summary": "SUSE Bug 1201448",
"url": "https://bugzilla.suse.com/1201448"
},
{
"category": "self",
"summary": "SUSE Bug 1202035",
"url": "https://bugzilla.suse.com/1202035"
},
{
"category": "self",
"summary": "SUSE Bug 1203185",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "self",
"summary": "SUSE Bug 1204023",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "self",
"summary": "SUSE Bug 1204024",
"url": "https://bugzilla.suse.com/1204024"
},
{
"category": "self",
"summary": "SUSE Bug 1204025",
"url": "https://bugzilla.suse.com/1204025"
},
{
"category": "self",
"summary": "SUSE Bug 1204941",
"url": "https://bugzilla.suse.com/1204941"
},
{
"category": "self",
"summary": "SUSE Bug 1206134",
"url": "https://bugzilla.suse.com/1206134"
},
{
"category": "self",
"summary": "SUSE Bug 1206135",
"url": "https://bugzilla.suse.com/1206135"
},
{
"category": "self",
"summary": "SUSE Bug 1208270",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "self",
"summary": "SUSE Bug 1208271",
"url": "https://bugzilla.suse.com/1208271"
},
{
"category": "self",
"summary": "SUSE Bug 1208272",
"url": "https://bugzilla.suse.com/1208272"
},
{
"category": "self",
"summary": "SUSE Bug 1208491",
"url": "https://bugzilla.suse.com/1208491"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1705 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1962 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-24675 page",
"url": "https://www.suse.com/security/cve/CVE-2022-24675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27536 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-27664 page",
"url": "https://www.suse.com/security/cve/CVE-2022-27664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28131 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-28327 page",
"url": "https://www.suse.com/security/cve/CVE-2022-28327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2879 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2880 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29526 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-29804 page",
"url": "https://www.suse.com/security/cve/CVE-2022-29804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30580 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30629 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30630 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30631 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30632 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30633 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30634 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-30635 page",
"url": "https://www.suse.com/security/cve/CVE-2022-30635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32148 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32189 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41716 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41717 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41720 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41723 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41724 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41725 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41725/"
}
],
"title": "Security update for go1.18-openssl",
"tracking": {
"current_release_date": "2023-05-30T06:54:51Z",
"generator": {
"date": "2023-05-30T06:54:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2312-1",
"initial_release_date": "2023-05-30T06:54:51Z",
"revision_history": [
{
"date": "2023-05-30T06:54:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"product": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"product": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"product": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"product_id": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.i586",
"product": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.i586",
"product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.i586",
"product": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.i586",
"product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"product": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"product": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"product": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"product": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"product": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"product": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"product": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"product_id": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_rt:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
},
"product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1705"
}
],
"notes": [
{
"category": "general",
"text": "Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1705",
"url": "https://www.suse.com/security/cve/CVE-2022-1705"
},
{
"category": "external",
"summary": "SUSE Bug 1201434 for CVE-2022-1705",
"url": "https://bugzilla.suse.com/1201434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-1705"
},
{
"cve": "CVE-2022-1962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1962"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1962",
"url": "https://www.suse.com/security/cve/CVE-2022-1962"
},
{
"category": "external",
"summary": "SUSE Bug 1201448 for CVE-2022-1962",
"url": "https://bugzilla.suse.com/1201448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-1962"
},
{
"cve": "CVE-2022-24675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-24675"
}
],
"notes": [
{
"category": "general",
"text": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-24675",
"url": "https://www.suse.com/security/cve/CVE-2022-24675"
},
{
"category": "external",
"summary": "SUSE Bug 1198423 for CVE-2022-24675",
"url": "https://bugzilla.suse.com/1198423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-27536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27536"
}
],
"notes": [
{
"category": "general",
"text": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27536",
"url": "https://www.suse.com/security/cve/CVE-2022-27536"
},
{
"category": "external",
"summary": "SUSE Bug 1198427 for CVE-2022-27536",
"url": "https://bugzilla.suse.com/1198427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-27664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-27664"
}
],
"notes": [
{
"category": "general",
"text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-27664",
"url": "https://www.suse.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "SUSE Bug 1203185 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203185"
},
{
"category": "external",
"summary": "SUSE Bug 1203293 for CVE-2022-27664",
"url": "https://bugzilla.suse.com/1203293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-27664"
},
{
"cve": "CVE-2022-28131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28131"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28131",
"url": "https://www.suse.com/security/cve/CVE-2022-28131"
},
{
"category": "external",
"summary": "SUSE Bug 1201443 for CVE-2022-28131",
"url": "https://bugzilla.suse.com/1201443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-28131"
},
{
"cve": "CVE-2022-28327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-28327"
}
],
"notes": [
{
"category": "general",
"text": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-28327",
"url": "https://www.suse.com/security/cve/CVE-2022-28327"
},
{
"category": "external",
"summary": "SUSE Bug 1198424 for CVE-2022-28327",
"url": "https://bugzilla.suse.com/1198424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-2879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2879"
}
],
"notes": [
{
"category": "general",
"text": "Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2879",
"url": "https://www.suse.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "SUSE Bug 1204024 for CVE-2022-2879",
"url": "https://bugzilla.suse.com/1204024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-2879"
},
{
"cve": "CVE-2022-2880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2880"
}
],
"notes": [
{
"category": "general",
"text": "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2880",
"url": "https://www.suse.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "SUSE Bug 1204025 for CVE-2022-2880",
"url": "https://bugzilla.suse.com/1204025"
},
{
"category": "external",
"summary": "SUSE Bug 1204076 for CVE-2022-2880",
"url": "https://bugzilla.suse.com/1204076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-2880"
},
{
"cve": "CVE-2022-29526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29526"
}
],
"notes": [
{
"category": "general",
"text": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29526",
"url": "https://www.suse.com/security/cve/CVE-2022-29526"
},
{
"category": "external",
"summary": "SUSE Bug 1199413 for CVE-2022-29526",
"url": "https://bugzilla.suse.com/1199413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-29526"
},
{
"cve": "CVE-2022-29804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-29804"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-29804",
"url": "https://www.suse.com/security/cve/CVE-2022-29804"
},
{
"category": "external",
"summary": "SUSE Bug 1200137 for CVE-2022-29804",
"url": "https://bugzilla.suse.com/1200137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-29804"
},
{
"cve": "CVE-2022-30580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30580"
}
],
"notes": [
{
"category": "general",
"text": "Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either \"..com\" or \"..exe\" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30580",
"url": "https://www.suse.com/security/cve/CVE-2022-30580"
},
{
"category": "external",
"summary": "SUSE Bug 1200136 for CVE-2022-30580",
"url": "https://bugzilla.suse.com/1200136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-30580"
},
{
"cve": "CVE-2022-30629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30629"
}
],
"notes": [
{
"category": "general",
"text": "Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30629",
"url": "https://www.suse.com/security/cve/CVE-2022-30629"
},
{
"category": "external",
"summary": "SUSE Bug 1200135 for CVE-2022-30629",
"url": "https://bugzilla.suse.com/1200135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30629"
},
{
"cve": "CVE-2022-30630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30630"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30630",
"url": "https://www.suse.com/security/cve/CVE-2022-30630"
},
{
"category": "external",
"summary": "SUSE Bug 1201447 for CVE-2022-30630",
"url": "https://bugzilla.suse.com/1201447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30630"
},
{
"cve": "CVE-2022-30631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30631"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30631",
"url": "https://www.suse.com/security/cve/CVE-2022-30631"
},
{
"category": "external",
"summary": "SUSE Bug 1201437 for CVE-2022-30631",
"url": "https://bugzilla.suse.com/1201437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30631"
},
{
"cve": "CVE-2022-30632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30632"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30632",
"url": "https://www.suse.com/security/cve/CVE-2022-30632"
},
{
"category": "external",
"summary": "SUSE Bug 1201445 for CVE-2022-30632",
"url": "https://bugzilla.suse.com/1201445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30632"
},
{
"cve": "CVE-2022-30633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30633"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the \u0027any\u0027 field tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30633",
"url": "https://www.suse.com/security/cve/CVE-2022-30633"
},
{
"category": "external",
"summary": "SUSE Bug 1201440 for CVE-2022-30633",
"url": "https://bugzilla.suse.com/1201440"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30633"
},
{
"cve": "CVE-2022-30634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30634"
}
],
"notes": [
{
"category": "general",
"text": "Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 \u003c\u003c 32 - 1 bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30634",
"url": "https://www.suse.com/security/cve/CVE-2022-30634"
},
{
"category": "external",
"summary": "SUSE Bug 1200134 for CVE-2022-30634",
"url": "https://bugzilla.suse.com/1200134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30634"
},
{
"cve": "CVE-2022-30635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-30635"
}
],
"notes": [
{
"category": "general",
"text": "Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-30635",
"url": "https://www.suse.com/security/cve/CVE-2022-30635"
},
{
"category": "external",
"summary": "SUSE Bug 1201444 for CVE-2022-30635",
"url": "https://bugzilla.suse.com/1201444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-30635"
},
{
"cve": "CVE-2022-32148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32148"
}
],
"notes": [
{
"category": "general",
"text": "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32148",
"url": "https://www.suse.com/security/cve/CVE-2022-32148"
},
{
"category": "external",
"summary": "SUSE Bug 1201436 for CVE-2022-32148",
"url": "https://bugzilla.suse.com/1201436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-32148"
},
{
"cve": "CVE-2022-32189",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32189"
}
],
"notes": [
{
"category": "general",
"text": "A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32189",
"url": "https://www.suse.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "SUSE Bug 1202035 for CVE-2022-32189",
"url": "https://bugzilla.suse.com/1202035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-32189"
},
{
"cve": "CVE-2022-41715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41715"
}
],
"notes": [
{
"category": "general",
"text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41715",
"url": "https://www.suse.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "SUSE Bug 1204023 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1204023"
},
{
"category": "external",
"summary": "SUSE Bug 1208441 for CVE-2022-41715",
"url": "https://bugzilla.suse.com/1208441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-41715"
},
{
"cve": "CVE-2022-41716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41716"
}
],
"notes": [
{
"category": "general",
"text": "Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string \"A=B\\x00C=D\" sets the variables \"A=B\" and \"C=D\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41716",
"url": "https://www.suse.com/security/cve/CVE-2022-41716"
},
{
"category": "external",
"summary": "SUSE Bug 1204941 for CVE-2022-41716",
"url": "https://bugzilla.suse.com/1204941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-41716"
},
{
"cve": "CVE-2022-41717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41717"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41717",
"url": "https://www.suse.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "SUSE Bug 1206135 for CVE-2022-41717",
"url": "https://bugzilla.suse.com/1206135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-41720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41720"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41720",
"url": "https://www.suse.com/security/cve/CVE-2022-41720"
},
{
"category": "external",
"summary": "SUSE Bug 1206134 for CVE-2022-41720",
"url": "https://bugzilla.suse.com/1206134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-41720"
},
{
"cve": "CVE-2022-41723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41723"
}
],
"notes": [
{
"category": "general",
"text": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41723",
"url": "https://www.suse.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "SUSE Bug 1208270 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1208270"
},
{
"category": "external",
"summary": "SUSE Bug 1215588 for CVE-2022-41723",
"url": "https://bugzilla.suse.com/1215588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-41723"
},
{
"cve": "CVE-2022-41724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41724"
}
],
"notes": [
{
"category": "general",
"text": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth \u003e= RequestClientCert).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41724",
"url": "https://www.suse.com/security/cve/CVE-2022-41724"
},
{
"category": "external",
"summary": "SUSE Bug 1208271 for CVE-2022-41724",
"url": "https://bugzilla.suse.com/1208271"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "important"
}
],
"title": "CVE-2022-41724"
},
{
"cve": "CVE-2022-41725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41725"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing \"up to maxMemory bytes +10MB (reserved for non-file parts) in memory\". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type\u0027s documentation states, \"If stored on disk, the File\u0027s underlying concrete type will be an *os.File.\". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41725",
"url": "https://www.suse.com/security/cve/CVE-2022-41725"
},
{
"category": "external",
"summary": "SUSE Bug 1208272 for CVE-2022-41725",
"url": "https://bugzilla.suse.com/1208272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-30T06:54:51Z",
"details": "moderate"
}
],
"title": "CVE-2022-41725"
}
]
}
WID-SEC-W-2022-0288
Vulnerability from csaf_certbund - Published: 2022-06-13 22:00 - Updated: 2025-11-18 23:00Summary
Red Hat OpenShift: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuführen, einen nicht näher spezifizierten Angriff durchzuführen, vertrauliche Informationen offenzulegen und Daten zu manipulieren.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Red Hat OpenShift Service Mesh <2.0.10
Red Hat / OpenShift
|
Service Mesh <2.0.10 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Tenable Security Nessus <10.3.1
Tenable Security / Nessus
|
<10.3.1 | ||
|
Red Hat OpenShift
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:-
|
— | |
|
Red Hat Enterprise Linux Service Interconnect 1
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:service_interconnect_1
|
Service Interconnect 1 | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.11.44
Red Hat / OpenShift
|
Container Platform <4.11.44 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift OpenShift Service Mesh <2.1.3
Red Hat / OpenShift
|
OpenShift Service Mesh <2.1.3 | ||
|
Red Hat OpenShift Developer Tools and Services 4.11
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:developer_tools_and_services_4.11
|
Developer Tools and Services 4.11 | |
|
IBM Spectrum Protect <10.1.14
IBM / Spectrum Protect
|
<10.1.14 | ||
|
Atlassian Bitbucket <9.4.13 (LTS)
Atlassian / Bitbucket
|
<9.4.13 (LTS) | ||
|
Tenable Security Nessus Network Monitor <6.2.0
Tenable Security / Nessus Network Monitor
|
<6.2.0 | ||
|
Atlassian Bitbucket <8.19.25 (LTS)
Atlassian / Bitbucket
|
<8.19.25 (LTS) | ||
|
Red Hat JBoss Enterprise Application Platform <7.3.13
Red Hat / JBoss Enterprise Application Platform
|
<7.3.13 | ||
|
Atlassian Bitbucket <10.0.2
Atlassian / Bitbucket
|
<10.0.2 |
References
76 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen und Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0288 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0288.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0288 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0288"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-06-13",
"url": "https://access.redhat.com/errata/RHSA-2022:5003"
},
{
"category": "external",
"summary": "Red Hat Security Advisory vom 2022-06-13",
"url": "https://access.redhat.com/errata/RHSA-2022:5006"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5030 vom 2022-06-14",
"url": "https://access.redhat.com/errata/RHSA-2022:5030"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5201 vom 2022-06-28",
"url": "https://access.redhat.com/errata/RHSA-2022:5201"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5392 vom 2022-06-28",
"url": "https://access.redhat.com/errata/RHSA-2022:5392"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5337 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5337"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5415 vom 2022-06-30",
"url": "https://access.redhat.com/errata/RHSA-2022:5415"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5004 vom 2022-07-04",
"url": "https://access.redhat.com/errata/RHSA-2022:5004"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-17956 vom 2022-07-15",
"url": "https://linux.oracle.com/errata/ELSA-2022-17956.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9588 vom 2022-07-12",
"url": "https://linux.oracle.com/errata/ELSA-2022-9588.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9589 vom 2022-07-12",
"url": "https://linux.oracle.com/errata/ELSA-2022-9589.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5840 vom 2022-08-02",
"url": "https://access.redhat.com/errata/RHSA-2022:5840"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5875 vom 2022-08-09",
"url": "https://access.redhat.com/errata/RHSA-2022:5875"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1830 vom 2022-08-08",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1830.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202208-02 vom 2022-08-09",
"url": "https://security.gentoo.org/glsa/202208-02"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6040 vom 2022-08-10",
"url": "https://access.redhat.com/errata/RHSA-2022:6040"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6042 vom 2022-08-10",
"url": "https://access.redhat.com/errata/RHSA-2022:6042"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5559-1 vom 2022-08-10",
"url": "https://ubuntu.com/security/notices/USN-5559-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5068 vom 2022-08-10",
"url": "https://access.redhat.com/errata/RHSA-2022:5068"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6094 vom 2022-08-24",
"url": "https://access.redhat.com/errata/RHSA-2022:6094"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6156 vom 2022-08-24",
"url": "https://access.redhat.com/errata/RHSA-2022:6156"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6155 vom 2022-08-24",
"url": "https://access.redhat.com/errata/RHSA-2022:6155"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6187 vom 2022-08-25",
"url": "https://access.redhat.com/errata/RHSA-2022:6187"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6290 vom 2022-09-01",
"url": "https://access.redhat.com/errata/RHSA-2022:6290"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6277 vom 2022-09-01",
"url": "https://access.redhat.com/errata/RHSA-2022:6277"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6272 vom 2022-08-31",
"url": "https://access.redhat.com/errata/RHSA-2022:6272"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6152 vom 2022-09-01",
"url": "https://access.redhat.com/errata/RHSA-2022:6152"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9773 vom 2022-09-09",
"url": "https://linux.oracle.com/errata/ELSA-2022-9773.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9772 vom 2022-09-08",
"url": "https://linux.oracle.com/errata/ELSA-2022-9772.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6430 vom 2022-09-13",
"url": "https://access.redhat.com/errata/RHSA-2022:6430"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6714 vom 2022-09-26",
"url": "https://access.redhat.com/errata/RHSA-2022:6714"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9856 vom 2022-10-03",
"url": "https://linux.oracle.com/errata/ELSA-2022-9856.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6813 vom 2022-10-05",
"url": "https://access.redhat.com/errata/RHSA-2022:6813"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9853 vom 2022-10-06",
"url": "https://linux.oracle.com/errata/ELSA-2022-9853.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9854 vom 2022-10-05",
"url": "https://linux.oracle.com/errata/ELSA-2022-9854.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2022-020 vom 2022-10-14",
"url": "https://alas.aws.amazon.com/AL2/ALASDOCKER-2022-020.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7058 vom 2022-10-20",
"url": "https://access.redhat.com/errata/RHSA-2022:7058"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1859 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1859.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1865 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1865.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1860 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1860.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1862 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1862.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1863 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1863.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1861 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1861.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1858 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1858.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2022-1864 vom 2022-10-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1864.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2022-20 vom 2022-10-26",
"url": "https://www.tenable.com/security/tns-2022-20"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-10033 vom 2022-11-30",
"url": "https://linux.oracle.com/errata/ELSA-2022-10033.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-10036 vom 2022-11-29",
"url": "https://linux.oracle.com/errata/ELSA-2022-10036.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8750 vom 2022-12-02",
"url": "https://access.redhat.com/errata/RHSA-2022:8750"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2022-28 vom 2022-12-19",
"url": "https://www.tenable.com/security/tns-2022-28"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12013 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12013.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12014 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12014.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12011 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12011.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2023-12012 vom 2023-01-11",
"url": "https://linux.oracle.com/errata/ELSA-2023-12012.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0076 vom 2023-01-11",
"url": "https://access.redhat.com/errata/RHSA-2023:0076"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1042 vom 2023-03-07",
"url": "https://access.redhat.com/errata/RHSA-2023:1042"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6955067 vom 2023-03-16",
"url": "https://www.ibm.com/support/pages/node/6955067"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1529 vom 2023-03-30",
"url": "https://access.redhat.com/errata/RHSA-2023:1529"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3642 vom 2023-06-15",
"url": "https://access.redhat.com/errata/RHSA-2023:3642"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3664 vom 2023-06-19",
"url": "https://access.redhat.com/errata/RHSA-2023:3664"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3954 vom 2023-06-29",
"url": "https://access.redhat.com/errata/RHSA-2023:3954"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3914 vom 2023-07-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3914"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3915 vom 2023-07-06",
"url": "https://access.redhat.com/errata/RHSA-2023:3915"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4003 vom 2023-07-10",
"url": "https://access.redhat.com/errata/RHSA-2023:4003"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4226 vom 2025-04-28",
"url": "https://access.redhat.com/errata/RHSA-2025:4226"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2025-055 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2025-055.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4437 vom 2025-05-05",
"url": "https://access.redhat.com/errata/RHSA-2025:4437"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-18T23:00:00.000+00:00",
"generator": {
"date": "2025-11-19T09:42:40.521+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2022-0288",
"initial_release_date": "2022-06-13T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-06-13T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-06-14T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-22T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-E46E6E8317, FEDORA-2022-BA365D3703, FEDORA-2022-FE8D1879BC"
},
{
"date": "2022-06-27T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-28T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-30T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-14T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-08-02T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-08T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Fedora, Red Hat und Amazon aufgenommen"
},
{
"date": "2022-08-09T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2022-08-10T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2022-08-23T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-24T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-25T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-08-31T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-01T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-08T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-09-12T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-26T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-10-05T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2022-10-13T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-10-19T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-23T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-10-26T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-29T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-01T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-19T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Tenable aufgenommen"
},
{
"date": "2023-01-10T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-01-11T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-01T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-06T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-15T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-29T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-15T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-19T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-29T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-05T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-10T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-27T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-29T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-05-04T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "45"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.14",
"product": {
"name": "IBM Spectrum Protect \u003c10.1.14",
"product_id": "T026783"
}
},
{
"category": "product_version",
"name": "10.1.14",
"product": {
"name": "IBM Spectrum Protect 10.1.14",
"product_id": "T026783-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:10.1.14"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Service Interconnect 1",
"product": {
"name": "Red Hat Enterprise Linux Service Interconnect 1",
"product_id": "T028472",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:service_interconnect_1"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.3.13",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c7.3.13",
"product_id": "T043288"
}
},
{
"category": "product_version",
"name": "7.3.13",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7.3.13",
"product_id": "T043288-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.13"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift",
"product": {
"name": "Red Hat OpenShift",
"product_id": "T008027",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:-"
}
}
},
{
"category": "product_version_range",
"name": "Service Mesh \u003c2.0.10",
"product": {
"name": "Red Hat OpenShift Service Mesh \u003c2.0.10",
"product_id": "T023475"
}
},
{
"category": "product_version",
"name": "Service Mesh 2.0.10",
"product": {
"name": "Red Hat OpenShift Service Mesh 2.0.10",
"product_id": "T023475-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:service_mesh__2.0.10"
}
}
},
{
"category": "product_version_range",
"name": "OpenShift Service Mesh \u003c2.1.3",
"product": {
"name": "Red Hat OpenShift OpenShift Service Mesh \u003c2.1.3",
"product_id": "T023476"
}
},
{
"category": "product_version",
"name": "OpenShift Service Mesh 2.1.3",
"product": {
"name": "Red Hat OpenShift OpenShift Service Mesh 2.1.3",
"product_id": "T023476-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:openshift_service_mesh__2.1.3"
}
}
},
{
"category": "product_version",
"name": "Developer Tools and Services 4.11",
"product": {
"name": "Red Hat OpenShift Developer Tools and Services 4.11",
"product_id": "T028205",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:developer_tools_and_services_4.11"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.11.44",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.11.44",
"product_id": "T028416"
}
},
{
"category": "product_version",
"name": "Container Platform 4.11.44",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11.44",
"product_id": "T028416-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.11.44"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.3.1",
"product": {
"name": "Tenable Security Nessus \u003c10.3.1",
"product_id": "T025130"
}
},
{
"category": "product_version",
"name": "10.3.1",
"product": {
"name": "Tenable Security Nessus 10.3.1",
"product_id": "T025130-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.3.1"
}
}
}
],
"category": "product_name",
"name": "Nessus"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.0",
"product": {
"name": "Tenable Security Nessus Network Monitor \u003c6.2.0",
"product_id": "T025651"
}
},
{
"category": "product_version",
"name": "6.2.0",
"product": {
"name": "Tenable Security Nessus Network Monitor 6.2.0",
"product_id": "T025651-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus_network_monitor:6.2.0"
}
}
}
],
"category": "product_name",
"name": "Nessus Network Monitor"
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-23806",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-24675",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-28327",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-29224",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-29224"
},
{
"cve": "CVE-2022-29225",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-29225"
},
{
"cve": "CVE-2022-29226",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-29226"
},
{
"cve": "CVE-2022-29228",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-29228"
},
{
"cve": "CVE-2022-31045",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"T023475",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-31045"
},
{
"cve": "CVE-2022-1650",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-1650"
},
{
"cve": "CVE-2022-24785",
"product_status": {
"known_affected": [
"T025130",
"T008027",
"T028472",
"67646",
"T012167",
"T004914",
"T000126",
"T028416",
"398363",
"T023476",
"T028205",
"T026783",
"T048677",
"T025651",
"T048676",
"T043288",
"T048675"
]
},
"release_date": "2022-06-13T22:00:00.000+00:00",
"title": "CVE-2022-24785"
}
]
}
WID-SEC-W-2022-0515
Vulnerability from csaf_certbund - Published: 2022-06-29 22:00 - Updated: 2023-06-08 22:00Summary
IBM Spectrum Protect: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff: Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
- Sonstiges
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuführen, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuführen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erhöhte Rechte.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Spectrum Protect 10.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:10.1
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Spectrum Protect 8.1
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
References
17 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0515 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0515.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0515 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0515"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6151-1 vom 2023-06-09",
"url": "https://ubuntu.com/security/notices/USN-6151-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5984-1 vom 2023-03-29",
"url": "https://www.cybersecurity-help.cz/vdb/SB2023032948"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596399"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596907"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596881"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596741"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596883"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596971"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596895"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596379"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596877"
},
{
"category": "external",
"summary": "IBM Security Advisory vom 2022-06-29",
"url": "https://www.ibm.com/support/pages/node/6596875"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2022-027 vom 2022-07-21",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-027.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2022-029 vom 2022-07-21",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-029.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6618019 vom 2022-09-03",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-and-denial-of-service-vulnerabilities-in-the-ibm-spectrum-protect-backup-archive-client-may-affect-ibm-spectrum-protect-for-space-management-cve-2022-22478/"
}
],
"source_lang": "en-US",
"title": "IBM Spectrum Protect: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-08T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:29:37.582+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0515",
"initial_release_date": "2022-06-29T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-06-29T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-07-20T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-09-04T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-03-29T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2023-06-08T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Spectrum Protect 8.1",
"product": {
"name": "IBM Spectrum Protect 8.1",
"product_id": "T010033",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:8.1"
}
}
},
{
"category": "product_name",
"name": "IBM Spectrum Protect 10.1",
"product": {
"name": "IBM Spectrum Protect 10.1",
"product_id": "T023649",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:10.1"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25704",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-25704"
},
{
"cve": "CVE-2020-29368",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-29368"
},
{
"cve": "CVE-2020-36322",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-36322"
},
{
"cve": "CVE-2020-36385",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2020-36385"
},
{
"cve": "CVE-2021-20269",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-20269"
},
{
"cve": "CVE-2021-20321",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-20321"
},
{
"cve": "CVE-2021-20322",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-20322"
},
{
"cve": "CVE-2021-21781",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-21781"
},
{
"cve": "CVE-2021-28950",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-28950"
},
{
"cve": "CVE-2021-28971",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-28971"
},
{
"cve": "CVE-2021-29650",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-29650"
},
{
"cve": "CVE-2021-31916",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-31916"
},
{
"cve": "CVE-2021-35550",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-35550"
},
{
"cve": "CVE-2021-35603",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-35603"
},
{
"cve": "CVE-2021-3573",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-3573"
},
{
"cve": "CVE-2021-3635",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-3635"
},
{
"cve": "CVE-2021-3669",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-3669"
},
{
"cve": "CVE-2021-3764",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-3764"
},
{
"cve": "CVE-2021-38201",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-38201"
},
{
"cve": "CVE-2021-38561",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-38561"
},
{
"cve": "CVE-2021-4002",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4002"
},
{
"cve": "CVE-2021-4028",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4028"
},
{
"cve": "CVE-2021-4083",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4083"
},
{
"cve": "CVE-2021-4154",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4154"
},
{
"cve": "CVE-2021-4155",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4155"
},
{
"cve": "CVE-2021-4157",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4157"
},
{
"cve": "CVE-2021-41864",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-41864"
},
{
"cve": "CVE-2021-4197",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4197"
},
{
"cve": "CVE-2021-4203",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-4203"
},
{
"cve": "CVE-2021-43565",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2021-44733",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-44733"
},
{
"cve": "CVE-2021-45485",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-45485"
},
{
"cve": "CVE-2021-45486",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2021-45486"
},
{
"cve": "CVE-2022-0185",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-0185"
},
{
"cve": "CVE-2022-0286",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-0286"
},
{
"cve": "CVE-2022-0492",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-0492"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-0847",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-0847"
},
{
"cve": "CVE-2022-0850",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-0850"
},
{
"cve": "CVE-2022-1011",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-1011"
},
{
"cve": "CVE-2022-22472",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22472"
},
{
"cve": "CVE-2022-22474",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22474"
},
{
"cve": "CVE-2022-22478",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22478"
},
{
"cve": "CVE-2022-22487",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22487"
},
{
"cve": "CVE-2022-22494",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22494"
},
{
"cve": "CVE-2022-22496",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22496"
},
{
"cve": "CVE-2022-22942",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-22942"
},
{
"cve": "CVE-2022-24675",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24842",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-24842"
},
{
"cve": "CVE-2022-27536",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-27536"
},
{
"cve": "CVE-2022-28327",
"notes": [
{
"category": "description",
"text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten OpenSSL, Container Backup and Restore, Storage Agent, Client, Operations Center, Linux Kernel, MinIO , Golang Go, Java SE und in den Prozessen dsmcad, dsmc und dsmcsvc. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand herbeizuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, beliebigen Code auszuf\u00fchren, seine Rechte zu erweitern oder beliebigen Code mit Root-Rechten auszuf\u00fchren. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert erh\u00f6hte Rechte."
}
],
"product_status": {
"known_affected": [
"T023649",
"T000126",
"T010033",
"398363"
]
},
"release_date": "2022-06-29T22:00:00.000+00:00",
"title": "CVE-2022-28327"
}
]
}
WID-SEC-W-2022-1335
Vulnerability from csaf_certbund - Published: 2022-09-07 22:00 - Updated: 2025-10-06 22:00Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1335 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1335.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1335 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1335"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-021 vom 2022-09-07",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2022/09/Xerox-Security-Bulletin-XRX22-021-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-007 vom 2023-05-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/05/Xerox-Security-Bulletin-XRX23-007-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-017 vom 2025-10-07",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/10/Xerox-Security-Bulletin-XRX25-017-for-Xerox-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-06T22:00:00.000+00:00",
"generator": {
"date": "2025-10-07T08:04:35.259+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2022-1335",
"initial_release_date": "2022-09-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7",
"product": {
"name": "Xerox FreeFlow Print Server 7",
"product_id": "T000872",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:7"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
},
{
"category": "product_version",
"name": "v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2019-19906",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2020-0499",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-0499"
},
{
"cve": "CVE-2020-25717",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-29651",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-29651"
},
{
"cve": "CVE-2021-0561",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-0561"
},
{
"cve": "CVE-2021-21708",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-21708"
},
{
"cve": "CVE-2021-22946",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-25220",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-29923",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-30809",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30809"
},
{
"cve": "CVE-2021-30818",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30818"
},
{
"cve": "CVE-2021-30823",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30823"
},
{
"cve": "CVE-2021-30836",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30836"
},
{
"cve": "CVE-2021-30884",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30884"
},
{
"cve": "CVE-2021-30887",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30887"
},
{
"cve": "CVE-2021-30888",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30888"
},
{
"cve": "CVE-2021-30889",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30889"
},
{
"cve": "CVE-2021-30890",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30890"
},
{
"cve": "CVE-2021-30897",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30897"
},
{
"cve": "CVE-2021-30934",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30936",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30951",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30984",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-3448",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-3448"
},
{
"cve": "CVE-2021-34558",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-34558"
},
{
"cve": "CVE-2021-36221",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-4115",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4115"
},
{
"cve": "CVE-2021-4136",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2021-4166",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4173",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-41771",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-4187",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4192",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4193",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4217",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2021-43519",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-43519"
},
{
"cve": "CVE-2021-43566",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-43566"
},
{
"cve": "CVE-2021-44142",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-44142"
},
{
"cve": "CVE-2021-45444",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-45481",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45481"
},
{
"cve": "CVE-2021-45482",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45482"
},
{
"cve": "CVE-2021-45483",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45483"
},
{
"cve": "CVE-2021-45960",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45960"
},
{
"cve": "CVE-2021-46143",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-46143"
},
{
"cve": "CVE-2022-0128",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2022-0156",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0156"
},
{
"cve": "CVE-2022-0158",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0158"
},
{
"cve": "CVE-2022-0261",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0261"
},
{
"cve": "CVE-2022-0318",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0318"
},
{
"cve": "CVE-2022-0319",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0319"
},
{
"cve": "CVE-2022-0336",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0336"
},
{
"cve": "CVE-2022-0391",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-0408",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0408"
},
{
"cve": "CVE-2022-0413",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0413"
},
{
"cve": "CVE-2022-0417",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0417"
},
{
"cve": "CVE-2022-0443",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0443"
},
{
"cve": "CVE-2022-0554",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0554"
},
{
"cve": "CVE-2022-0566",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0566"
},
{
"cve": "CVE-2022-0572",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0572"
},
{
"cve": "CVE-2022-0629",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0629"
},
{
"cve": "CVE-2022-0685",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0685"
},
{
"cve": "CVE-2022-0696",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0714",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0714"
},
{
"cve": "CVE-2022-0729",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0729"
},
{
"cve": "CVE-2022-0778",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-1097",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1097"
},
{
"cve": "CVE-2022-1196",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1196"
},
{
"cve": "CVE-2022-1197",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1197"
},
{
"cve": "CVE-2022-1271",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1271"
},
{
"cve": "CVE-2022-1520",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1520"
},
{
"cve": "CVE-2022-1834",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1834"
},
{
"cve": "CVE-2022-21245",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21291",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-21303",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21349",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21367",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21426",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-21434",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21434"
},
{
"cve": "CVE-2022-21443",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21443"
},
{
"cve": "CVE-2022-21449",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21449"
},
{
"cve": "CVE-2022-21476",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21476"
},
{
"cve": "CVE-2022-21493",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21493"
},
{
"cve": "CVE-2022-21494",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21494"
},
{
"cve": "CVE-2022-21496",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21496"
},
{
"cve": "CVE-2022-21514",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21514"
},
{
"cve": "CVE-2022-21524",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21524"
},
{
"cve": "CVE-2022-21533",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21533"
},
{
"cve": "CVE-2022-21712",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21712"
},
{
"cve": "CVE-2022-21716",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21716"
},
{
"cve": "CVE-2022-22589",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-22590",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22590"
},
{
"cve": "CVE-2022-22592",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22592"
},
{
"cve": "CVE-2022-22620",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22620"
},
{
"cve": "CVE-2022-22719",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22818",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-22822",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-22825",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22825"
},
{
"cve": "CVE-2022-22826",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22826"
},
{
"cve": "CVE-2022-22827",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22827"
},
{
"cve": "CVE-2022-23308",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-23772",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-23833",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-23852",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-23990",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23990"
},
{
"cve": "CVE-2022-24130",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24130"
},
{
"cve": "CVE-2022-24407",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-24675",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24713",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24713"
},
{
"cve": "CVE-2022-24801",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24801"
},
{
"cve": "CVE-2022-25235",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25313",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25314",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-25762",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25762"
},
{
"cve": "CVE-2022-26381",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26381"
},
{
"cve": "CVE-2022-26383",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26383"
},
{
"cve": "CVE-2022-26384",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26384"
},
{
"cve": "CVE-2022-26386",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26386"
},
{
"cve": "CVE-2022-26387",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26387"
},
{
"cve": "CVE-2022-26485",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26485"
},
{
"cve": "CVE-2022-26486",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26486"
},
{
"cve": "CVE-2022-28281",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28281"
},
{
"cve": "CVE-2022-28282",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28282"
},
{
"cve": "CVE-2022-28285",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28285"
},
{
"cve": "CVE-2022-28286",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28286"
},
{
"cve": "CVE-2022-28289",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28289"
},
{
"cve": "CVE-2022-28327",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-28346",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28346"
},
{
"cve": "CVE-2022-28347",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28347"
},
{
"cve": "CVE-2022-29824",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-29909",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29909"
},
{
"cve": "CVE-2022-29911",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29911"
},
{
"cve": "CVE-2022-29912",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29912"
},
{
"cve": "CVE-2022-29913",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29913"
},
{
"cve": "CVE-2022-29914",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29914"
},
{
"cve": "CVE-2022-29916",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29916"
},
{
"cve": "CVE-2022-29917",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29917"
},
{
"cve": "CVE-2022-31736",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31736"
},
{
"cve": "CVE-2022-31737",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31737"
},
{
"cve": "CVE-2022-31738",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31738"
},
{
"cve": "CVE-2022-31739",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31739"
},
{
"cve": "CVE-2022-3174",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-3174"
},
{
"cve": "CVE-2022-31740",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31740"
},
{
"cve": "CVE-2022-31741",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31741"
},
{
"cve": "CVE-2022-31742",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31742"
},
{
"cve": "CVE-2022-31747",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31747"
},
{
"cve": "CVE-2022-4187",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-4187"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…