Vulnerability-Lookup

CVE-2022-29526 (GCVE-0-2022-29526)

Vulnerability from cvelistv5 – Published: 2022-06-22 13:15 – Updated: 2024-08-03 06:26

Summary

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

Assigner

mitre

References

9 references

URL	Tags
https://groups.google.com/g/golang-announce	x_refsource_MISC
https://github.com/golang/go/issues/52313	x_refsource_MISC
https://groups.google.com/g/golang-announce/c/Y5q…	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://security.netapp.com/advisory/ntap-2022072…	x_refsource_CONFIRM
https://security.gentoo.org/glsa/202208-02	vendor-advisoryx_refsource_GENTOO
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:26:06.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/golang/go/issues/52313"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
          },
          {
            "name": "FEDORA-2022-fae3ecee19",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
          },
          {
            "name": "FEDORA-2022-ffe7dba2cb",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/"
          },
          {
            "name": "FEDORA-2022-ba365d3703",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220729-0001/"
          },
          {
            "name": "GLSA-202208-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202208-02"
          },
          {
            "name": "FEDORA-2022-30c5ed5625",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-17T03:08:35.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://groups.google.com/g/golang-announce"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/golang/go/issues/52313"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        },
        {
          "name": "FEDORA-2022-fae3ecee19",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
        },
        {
          "name": "FEDORA-2022-ffe7dba2cb",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/"
        },
        {
          "name": "FEDORA-2022-ba365d3703",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220729-0001/"
        },
        {
          "name": "GLSA-202208-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202208-02"
        },
        {
          "name": "FEDORA-2022-30c5ed5625",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-29526",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://groups.google.com/g/golang-announce",
              "refsource": "MISC",
              "url": "https://groups.google.com/g/golang-announce"
            },
            {
              "name": "https://github.com/golang/go/issues/52313",
              "refsource": "MISC",
              "url": "https://github.com/golang/go/issues/52313"
            },
            {
              "name": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
              "refsource": "MISC",
              "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
            },
            {
              "name": "FEDORA-2022-fae3ecee19",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
            },
            {
              "name": "FEDORA-2022-ffe7dba2cb",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/"
            },
            {
              "name": "FEDORA-2022-ba365d3703",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220729-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220729-0001/"
            },
            {
              "name": "GLSA-202208-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202208-02"
            },
            {
              "name": "FEDORA-2022-30c5ed5625",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-29526",
    "datePublished": "2022-06-22T13:15:32.000Z",
    "dateReserved": "2022-04-20T00:00:00.000Z",
    "dateUpdated": "2024-08-03T06:26:06.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-29526",
      "date": "2026-06-06",
      "epss": "0.00182",
      "percentile": "0.39788"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-29526\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-06-23T17:15:12.747\",\"lastModified\":\"2024-11-21T06:59:15.563\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.\"},{\"lang\":\"es\",\"value\":\"Go versiones anteriores a 1.17.10 y 1.18.x anteriores a 1.18.2, presenta una Asignaci\u00f3n Incorrecta de Privilegios. Cuando es llamada con un par\u00e1metro flags distinto de cero, la funci\u00f3n Faccessat podr\u00eda informar incorrectamente de que un archivo es accesible\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.17.10\",\"matchCriteriaId\":\"397D7E19-74A1-4CCC-BF0A-D5A03151F171\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.18.0\",\"versionEndExcluding\":\"1.18.2\",\"matchCriteriaId\":\"660E9AFD-D920-43A5-AC24-CAA024A0456D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:beegfs_csi_driver:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B60CE797-9177-4705-B02D-83F5A48C5F6F\"}]}]}],\"references\":[{\"url\":\"https://github.com/golang/go/issues/52313\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/golang/go/issues/52313\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202208-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

RHSA-2022:6156

Vulnerability from csaf_redhat - Published: 2022-08-24 13:45 - Updated: 2026-06-02 17:37

Summary

Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update

Severity

Important

Notes

Topic: Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API. Security Fix(es): * eventsource: Exposure of Sensitive Information (CVE-2022-1650) * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129) * nodejs-set-value: type confusion allows bypass of CVE-2019-10747 (CVE-2021-23440) * nanoid: Information disclosure via valueOf() function (CVE-2021-23566) * node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235) * follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536) * prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698) * golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772) * golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773) * golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806) * golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) * node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771) * node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772) * node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773) * Moment.js: Path traversal in moment.locale (CVE-2022-24785) * golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921) * golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses (CVE-2022-29810) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): These updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes: https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.11/html/4.11_release_notes/index All Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images, which provide numerous bug fixes and enhancements.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2021-23440

A type confusion vulnerability in nodejs-set-value can lead to a bypass of CVE-2019-10747. If the user-provided keys used in the path parameter are arrays, the function mixin-deep can be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype, or _proto_ payloads. This vulnerability can impact data confidentiality, integrity, and availability.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2021-23566

A flaw was found in the nanoid library where the valueOf() function allows the reproduction of the last id generated. This flaw allows an attacker to expose sensitive information.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-0235

A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-0536

A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-319 - Cleartext Transmission of Sensitive Information

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-1650

A flaw was found in the EventSource NPM Package. The description from the source states the following message: "Exposure of Sensitive Information to an Unauthorized Actor." This flaw allows an attacker to steal the user's credentials and then use the credentials to access the legitimate website.

9.3 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Important

CVE-2022-21698

A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-772 - Missing Release of Resource after Effective Lifetime

Affected products

Fixed 9 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le	—	Vendor Fix fix

Known not affected 69 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-23772

A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 21 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64	—	Vendor Fix fix

Known not affected 57 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—

Threats

Impact Moderate

CVE-2022-23773

A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-266 - Incorrect Privilege Assignment

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix

Known not affected 72 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-23806

A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CWE-252 - Unchecked Return Value

Affected products

Fixed 15 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix

Known not affected 63 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-24675

A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 39 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64	—	Vendor Fix fix

Known not affected 39 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—

Threats

Impact Moderate

CVE-2022-24771

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x	—	Vendor Fix fix

Known not affected 72 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-24772

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x	—	Vendor Fix fix

Known not affected 72 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-24773

A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x	—	Vendor Fix fix

Known not affected 72 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-24785

A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix Workaround

Known not affected 75 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x	—	Workaround
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64	—	Workaround

Threats

Impact Moderate

CVE-2022-24921

A stack overflow flaw was found in Golang's regexp module, which can crash the runtime if the application using regexp accepts very long or arbitrarily long regexps from untrusted sources that have sufficient nesting depths. To exploit this vulnerability, an attacker would need to send large regexps with deep nesting to the application. Triggering this flaw leads to a crash of the runtime, which causes a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 21 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64	—	Vendor Fix fix

Known not affected 57 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—

Threats

Impact Moderate

CVE-2022-28327

An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 39 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64	—	Vendor Fix fix

Known not affected 39 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—

Threats

Impact Moderate

CVE-2022-29526

A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file's group, affecting system availability.

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-358 - Improperly Implemented Security Check for Standard

Affected products

Fixed 9 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le	—	Vendor Fix fix

Known not affected 69 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-29810

A flaw was found in go-getter, where the go-getter library can write SSH credentials into its log file. This flaw allows a local user with access to read log files to read sensitive credentials, which may lead to privilege escalation or account takeover.

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Moderate

CVE-2022-31129

A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le	—	Vendor Fix fix

Known not affected 75 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64		—
Unresolved product id: 8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x		—
Unresolved product id: 8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64		—

Threats

Impact Important

References

230 references

URL	Category
https://access.redhat.com/errata/RHSA-2022:6156	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com//documentation/en-us/re…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1937117	external
https://bugzilla.redhat.com/show_bug.cgi?id=1947482	external
https://bugzilla.redhat.com/show_bug.cgi?id=1973317	external
https://bugzilla.redhat.com/show_bug.cgi?id=1996829	external
https://bugzilla.redhat.com/show_bug.cgi?id=2004944	external
https://bugzilla.redhat.com/show_bug.cgi?id=2027724	external
https://bugzilla.redhat.com/show_bug.cgi?id=2029298	external
https://bugzilla.redhat.com/show_bug.cgi?id=2044591	external
https://bugzilla.redhat.com/show_bug.cgi?id=2045880	external
https://bugzilla.redhat.com/show_bug.cgi?id=2047173	external
https://bugzilla.redhat.com/show_bug.cgi?id=2050853	external
https://bugzilla.redhat.com/show_bug.cgi?id=2050897	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053259	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053429	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053532	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053541	external
https://bugzilla.redhat.com/show_bug.cgi?id=2056697	external
https://bugzilla.redhat.com/show_bug.cgi?id=2058211	external
https://bugzilla.redhat.com/show_bug.cgi?id=2060487	external
https://bugzilla.redhat.com/show_bug.cgi?id=2060790	external
https://bugzilla.redhat.com/show_bug.cgi?id=2061713	external
https://bugzilla.redhat.com/show_bug.cgi?id=2063691	external
https://bugzilla.redhat.com/show_bug.cgi?id=2064426	external
https://bugzilla.redhat.com/show_bug.cgi?id=2064857	external
https://bugzilla.redhat.com/show_bug.cgi?id=2066514	external
https://bugzilla.redhat.com/show_bug.cgi?id=2067079	external
https://bugzilla.redhat.com/show_bug.cgi?id=2067387	external
https://bugzilla.redhat.com/show_bug.cgi?id=2067458	external
https://bugzilla.redhat.com/show_bug.cgi?id=2067461	external
https://bugzilla.redhat.com/show_bug.cgi?id=2069314	external
https://bugzilla.redhat.com/show_bug.cgi?id=2069319	external
https://bugzilla.redhat.com/show_bug.cgi?id=2069812	external
https://bugzilla.redhat.com/show_bug.cgi?id=2069815	external
https://bugzilla.redhat.com/show_bug.cgi?id=2070542	external
https://bugzilla.redhat.com/show_bug.cgi?id=2071494	external
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://bugzilla.redhat.com/show_bug.cgi?id=2073920	external
https://bugzilla.redhat.com/show_bug.cgi?id=2074810	external
https://bugzilla.redhat.com/show_bug.cgi?id=2075426	external
https://bugzilla.redhat.com/show_bug.cgi?id=2075581	external
https://bugzilla.redhat.com/show_bug.cgi?id=2076457	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077242	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://bugzilla.redhat.com/show_bug.cgi?id=2079866	external
https://bugzilla.redhat.com/show_bug.cgi?id=2079873	external
https://bugzilla.redhat.com/show_bug.cgi?id=2080279	external
https://bugzilla.redhat.com/show_bug.cgi?id=2081680	external
https://bugzilla.redhat.com/show_bug.cgi?id=2082028	external
https://bugzilla.redhat.com/show_bug.cgi?id=2082078	external
https://bugzilla.redhat.com/show_bug.cgi?id=2082497	external
https://bugzilla.redhat.com/show_bug.cgi?id=2083074	external
https://bugzilla.redhat.com/show_bug.cgi?id=2083441	external
https://bugzilla.redhat.com/show_bug.cgi?id=2083953	external
https://bugzilla.redhat.com/show_bug.cgi?id=2083993	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084041	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084201	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084503	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084546	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084565	external
https://bugzilla.redhat.com/show_bug.cgi?id=2085307	external
https://bugzilla.redhat.com/show_bug.cgi?id=2085351	external
https://bugzilla.redhat.com/show_bug.cgi?id=2085357	external
https://bugzilla.redhat.com/show_bug.cgi?id=2086557	external
https://bugzilla.redhat.com/show_bug.cgi?id=2086675	external
https://bugzilla.redhat.com/show_bug.cgi?id=2086982	external
https://bugzilla.redhat.com/show_bug.cgi?id=2086983	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087078	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087107	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087237	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087675	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087732	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087755	external
https://bugzilla.redhat.com/show_bug.cgi?id=2088359	external
https://bugzilla.redhat.com/show_bug.cgi?id=2088380	external
https://bugzilla.redhat.com/show_bug.cgi?id=2088506	external
https://bugzilla.redhat.com/show_bug.cgi?id=2088587	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089296	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089342	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089397	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089552	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089567	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089786	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089795	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089797	external
https://bugzilla.redhat.com/show_bug.cgi?id=2090278	external
https://bugzilla.redhat.com/show_bug.cgi?id=2090314	external
https://bugzilla.redhat.com/show_bug.cgi?id=2090953	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091487	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091638	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091641	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091681	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091894	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091951	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091998	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092143	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092217	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092220	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092349	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092372	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092400	external
https://bugzilla.redhat.com/show_bug.cgi?id=2093266	external
https://bugzilla.redhat.com/show_bug.cgi?id=2093848	external
https://bugzilla.redhat.com/show_bug.cgi?id=2094179	external
https://bugzilla.redhat.com/show_bug.cgi?id=2094853	external
https://bugzilla.redhat.com/show_bug.cgi?id=2094856	external
https://bugzilla.redhat.com/show_bug.cgi?id=2095155	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096209	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096414	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096509	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096513	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096823	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096937	external
https://bugzilla.redhat.com/show_bug.cgi?id=2097216	external
https://bugzilla.redhat.com/show_bug.cgi?id=2097287	external
https://bugzilla.redhat.com/show_bug.cgi?id=2097305	external
https://bugzilla.redhat.com/show_bug.cgi?id=2098121	external
https://bugzilla.redhat.com/show_bug.cgi?id=2098261	external
https://bugzilla.redhat.com/show_bug.cgi?id=2098536	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099265	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099581	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099609	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099646	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099660	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099724	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099965	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100326	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100352	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100946	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101139	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101380	external
https://bugzilla.redhat.com/show_bug.cgi?id=2103818	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104833	external
https://bugzilla.redhat.com/show_bug.cgi?id=2105075	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2021-23440	self
https://bugzilla.redhat.com/show_bug.cgi?id=2004944	external
https://www.cve.org/CVERecord?id=CVE-2021-23440	external
https://nvd.nist.gov/vuln/detail/CVE-2021-23440	external
https://github.com/advisories/GHSA-4jqc-8m5r-9rpr	external
https://access.redhat.com/security/cve/CVE-2021-23566	self
https://bugzilla.redhat.com/show_bug.cgi?id=2050853	external
https://www.cve.org/CVERecord?id=CVE-2021-23566	external
https://nvd.nist.gov/vuln/detail/CVE-2021-23566	external
https://github.com/advisories/GHSA-qrpm-p2h7-hrv2	external
https://access.redhat.com/security/cve/CVE-2022-0235	self
https://bugzilla.redhat.com/show_bug.cgi?id=2044591	external
https://www.cve.org/CVERecord?id=CVE-2022-0235	external
https://nvd.nist.gov/vuln/detail/CVE-2022-0235	external
https://huntr.dev/bounties/d26ab655-38d6-48b3-be1…	external
https://access.redhat.com/security/cve/CVE-2022-0536	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053259	external
https://www.cve.org/CVERecord?id=CVE-2022-0536	external
https://nvd.nist.gov/vuln/detail/CVE-2022-0536	external
https://access.redhat.com/security/cve/CVE-2022-1650	self
https://bugzilla.redhat.com/show_bug.cgi?id=2085307	external
https://www.cve.org/CVERecord?id=CVE-2022-1650	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1650	external
https://huntr.dev/bounties/dc9e467f-be5d-4945-867…	external
https://access.redhat.com/security/cve/CVE-2022-21698	self
https://bugzilla.redhat.com/show_bug.cgi?id=2045880	external
https://www.cve.org/CVERecord?id=CVE-2022-21698	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21698	external
https://github.com/prometheus/client_golang/secur…	external
https://access.redhat.com/security/cve/CVE-2022-23772	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053532	external
https://www.cve.org/CVERecord?id=CVE-2022-23772	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23772	external
https://groups.google.com/g/golang-announce/c/SUs…	external
https://access.redhat.com/security/cve/CVE-2022-23773	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053541	external
https://www.cve.org/CVERecord?id=CVE-2022-23773	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23773	external
https://access.redhat.com/security/cve/CVE-2022-23806	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053429	external
https://www.cve.org/CVERecord?id=CVE-2022-23806	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23806	external
https://access.redhat.com/security/cve/CVE-2022-24675	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://www.cve.org/CVERecord?id=CVE-2022-24675	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24675	external
https://groups.google.com/g/golang-announce/c/oec…	external
https://access.redhat.com/security/cve/CVE-2022-24771	self
https://bugzilla.redhat.com/show_bug.cgi?id=2067387	external
https://www.cve.org/CVERecord?id=CVE-2022-24771	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24771	external
https://github.com/digitalbazaar/forge/security/a…	external
https://access.redhat.com/security/cve/CVE-2022-24772	self
https://bugzilla.redhat.com/show_bug.cgi?id=2067458	external
https://www.cve.org/CVERecord?id=CVE-2022-24772	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24772	external
https://github.com/digitalbazaar/forge/security/a…	external
https://access.redhat.com/security/cve/CVE-2022-24773	self
https://bugzilla.redhat.com/show_bug.cgi?id=2067461	external
https://www.cve.org/CVERecord?id=CVE-2022-24773	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24773	external
https://github.com/digitalbazaar/forge/security/a…	external
https://access.redhat.com/security/cve/CVE-2022-24785	self
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://www.cve.org/CVERecord?id=CVE-2022-24785	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24785	external
https://github.com/moment/moment/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2022-24921	self
https://bugzilla.redhat.com/show_bug.cgi?id=2064857	external
https://www.cve.org/CVERecord?id=CVE-2022-24921	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24921	external
https://groups.google.com/g/golang-announce/c/RP1…	external
https://access.redhat.com/security/cve/CVE-2022-28327	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://www.cve.org/CVERecord?id=CVE-2022-28327	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28327	external
https://access.redhat.com/security/cve/CVE-2022-29526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://www.cve.org/CVERecord?id=CVE-2022-29526	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29526	external
https://groups.google.com/g/golang-announce/c/Y5q…	external
https://access.redhat.com/security/cve/CVE-2022-29810	self
https://bugzilla.redhat.com/show_bug.cgi?id=2080279	external
https://www.cve.org/CVERecord?id=CVE-2022-29810	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29810	external
https://github.com/golang/vulndb/issues/438	external
https://access.redhat.com/security/cve/CVE-2022-31129	self
https://bugzilla.redhat.com/show_bug.cgi?id=2105075	external
https://www.cve.org/CVERecord?id=CVE-2022-31129	external
https://nvd.nist.gov/vuln/detail/CVE-2022-31129	external
https://github.com/moment/moment/security/advisor…	external

Acknowledgments

Joël Gähwiler

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nSecurity Fix(es):\n\n* eventsource: Exposure of Sensitive Information (CVE-2022-1650)\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n\n* nodejs-set-value: type confusion allows bypass of CVE-2019-10747 (CVE-2021-23440)\n\n* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)\n\n* golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* Moment.js: Path traversal  in moment.locale (CVE-2022-24785)\n\n* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n* go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses (CVE-2022-29810)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\nThese updated images include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.11/html/4.11_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these updated images, which provide numerous bug fixes and enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:6156",
        "url": "https://access.redhat.com/errata/RHSA-2022:6156"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.11/html/4.11_release_notes/index",
        "url": "https://access.redhat.com//documentation/en-us/red_hat_openshift_data_foundation/4.11/html/4.11_release_notes/index"
      },
      {
        "category": "external",
        "summary": "1937117",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937117"
      },
      {
        "category": "external",
        "summary": "1947482",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947482"
      },
      {
        "category": "external",
        "summary": "1973317",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973317"
      },
      {
        "category": "external",
        "summary": "1996829",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1996829"
      },
      {
        "category": "external",
        "summary": "2004944",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004944"
      },
      {
        "category": "external",
        "summary": "2027724",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2027724"
      },
      {
        "category": "external",
        "summary": "2029298",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029298"
      },
      {
        "category": "external",
        "summary": "2044591",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
      },
      {
        "category": "external",
        "summary": "2045880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
      },
      {
        "category": "external",
        "summary": "2047173",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2047173"
      },
      {
        "category": "external",
        "summary": "2050853",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050853"
      },
      {
        "category": "external",
        "summary": "2050897",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050897"
      },
      {
        "category": "external",
        "summary": "2053259",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
      },
      {
        "category": "external",
        "summary": "2053429",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
      },
      {
        "category": "external",
        "summary": "2053532",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
      },
      {
        "category": "external",
        "summary": "2053541",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
      },
      {
        "category": "external",
        "summary": "2056697",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056697"
      },
      {
        "category": "external",
        "summary": "2058211",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058211"
      },
      {
        "category": "external",
        "summary": "2060487",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060487"
      },
      {
        "category": "external",
        "summary": "2060790",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060790"
      },
      {
        "category": "external",
        "summary": "2061713",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2061713"
      },
      {
        "category": "external",
        "summary": "2063691",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063691"
      },
      {
        "category": "external",
        "summary": "2064426",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064426"
      },
      {
        "category": "external",
        "summary": "2064857",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
      },
      {
        "category": "external",
        "summary": "2066514",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066514"
      },
      {
        "category": "external",
        "summary": "2067079",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067079"
      },
      {
        "category": "external",
        "summary": "2067387",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067387"
      },
      {
        "category": "external",
        "summary": "2067458",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067458"
      },
      {
        "category": "external",
        "summary": "2067461",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067461"
      },
      {
        "category": "external",
        "summary": "2069314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069314"
      },
      {
        "category": "external",
        "summary": "2069319",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069319"
      },
      {
        "category": "external",
        "summary": "2069812",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069812"
      },
      {
        "category": "external",
        "summary": "2069815",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069815"
      },
      {
        "category": "external",
        "summary": "2070542",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070542"
      },
      {
        "category": "external",
        "summary": "2071494",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071494"
      },
      {
        "category": "external",
        "summary": "2072009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
      },
      {
        "category": "external",
        "summary": "2073920",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073920"
      },
      {
        "category": "external",
        "summary": "2074810",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2074810"
      },
      {
        "category": "external",
        "summary": "2075426",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075426"
      },
      {
        "category": "external",
        "summary": "2075581",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075581"
      },
      {
        "category": "external",
        "summary": "2076457",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2076457"
      },
      {
        "category": "external",
        "summary": "2077242",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077242"
      },
      {
        "category": "external",
        "summary": "2077688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
      },
      {
        "category": "external",
        "summary": "2077689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
      },
      {
        "category": "external",
        "summary": "2079866",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079866"
      },
      {
        "category": "external",
        "summary": "2079873",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079873"
      },
      {
        "category": "external",
        "summary": "2080279",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080279"
      },
      {
        "category": "external",
        "summary": "2081680",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2081680"
      },
      {
        "category": "external",
        "summary": "2082028",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082028"
      },
      {
        "category": "external",
        "summary": "2082078",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082078"
      },
      {
        "category": "external",
        "summary": "2082497",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082497"
      },
      {
        "category": "external",
        "summary": "2083074",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083074"
      },
      {
        "category": "external",
        "summary": "2083441",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083441"
      },
      {
        "category": "external",
        "summary": "2083953",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083953"
      },
      {
        "category": "external",
        "summary": "2083993",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083993"
      },
      {
        "category": "external",
        "summary": "2084041",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084041"
      },
      {
        "category": "external",
        "summary": "2084085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
      },
      {
        "category": "external",
        "summary": "2084201",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084201"
      },
      {
        "category": "external",
        "summary": "2084503",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084503"
      },
      {
        "category": "external",
        "summary": "2084546",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084546"
      },
      {
        "category": "external",
        "summary": "2084565",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084565"
      },
      {
        "category": "external",
        "summary": "2085307",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085307"
      },
      {
        "category": "external",
        "summary": "2085351",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085351"
      },
      {
        "category": "external",
        "summary": "2085357",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085357"
      },
      {
        "category": "external",
        "summary": "2086557",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086557"
      },
      {
        "category": "external",
        "summary": "2086675",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086675"
      },
      {
        "category": "external",
        "summary": "2086982",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086982"
      },
      {
        "category": "external",
        "summary": "2086983",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086983"
      },
      {
        "category": "external",
        "summary": "2087078",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087078"
      },
      {
        "category": "external",
        "summary": "2087107",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087107"
      },
      {
        "category": "external",
        "summary": "2087237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087237"
      },
      {
        "category": "external",
        "summary": "2087675",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087675"
      },
      {
        "category": "external",
        "summary": "2087732",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087732"
      },
      {
        "category": "external",
        "summary": "2087755",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087755"
      },
      {
        "category": "external",
        "summary": "2088359",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088359"
      },
      {
        "category": "external",
        "summary": "2088380",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088380"
      },
      {
        "category": "external",
        "summary": "2088506",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088506"
      },
      {
        "category": "external",
        "summary": "2088587",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088587"
      },
      {
        "category": "external",
        "summary": "2089296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089296"
      },
      {
        "category": "external",
        "summary": "2089342",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089342"
      },
      {
        "category": "external",
        "summary": "2089397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089397"
      },
      {
        "category": "external",
        "summary": "2089552",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089552"
      },
      {
        "category": "external",
        "summary": "2089567",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089567"
      },
      {
        "category": "external",
        "summary": "2089786",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089786"
      },
      {
        "category": "external",
        "summary": "2089795",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089795"
      },
      {
        "category": "external",
        "summary": "2089797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089797"
      },
      {
        "category": "external",
        "summary": "2090278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090278"
      },
      {
        "category": "external",
        "summary": "2090314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090314"
      },
      {
        "category": "external",
        "summary": "2090953",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2090953"
      },
      {
        "category": "external",
        "summary": "2091487",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091487"
      },
      {
        "category": "external",
        "summary": "2091638",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091638"
      },
      {
        "category": "external",
        "summary": "2091641",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091641"
      },
      {
        "category": "external",
        "summary": "2091681",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091681"
      },
      {
        "category": "external",
        "summary": "2091894",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091894"
      },
      {
        "category": "external",
        "summary": "2091951",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091951"
      },
      {
        "category": "external",
        "summary": "2091998",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091998"
      },
      {
        "category": "external",
        "summary": "2092143",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092143"
      },
      {
        "category": "external",
        "summary": "2092217",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092217"
      },
      {
        "category": "external",
        "summary": "2092220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092220"
      },
      {
        "category": "external",
        "summary": "2092349",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092349"
      },
      {
        "category": "external",
        "summary": "2092372",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092372"
      },
      {
        "category": "external",
        "summary": "2092400",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092400"
      },
      {
        "category": "external",
        "summary": "2093266",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093266"
      },
      {
        "category": "external",
        "summary": "2093848",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093848"
      },
      {
        "category": "external",
        "summary": "2094179",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094179"
      },
      {
        "category": "external",
        "summary": "2094853",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094853"
      },
      {
        "category": "external",
        "summary": "2094856",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094856"
      },
      {
        "category": "external",
        "summary": "2095155",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2095155"
      },
      {
        "category": "external",
        "summary": "2096209",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096209"
      },
      {
        "category": "external",
        "summary": "2096414",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096414"
      },
      {
        "category": "external",
        "summary": "2096509",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096509"
      },
      {
        "category": "external",
        "summary": "2096513",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096513"
      },
      {
        "category": "external",
        "summary": "2096823",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096823"
      },
      {
        "category": "external",
        "summary": "2096937",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096937"
      },
      {
        "category": "external",
        "summary": "2097216",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097216"
      },
      {
        "category": "external",
        "summary": "2097287",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097287"
      },
      {
        "category": "external",
        "summary": "2097305",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097305"
      },
      {
        "category": "external",
        "summary": "2098121",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098121"
      },
      {
        "category": "external",
        "summary": "2098261",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098261"
      },
      {
        "category": "external",
        "summary": "2098536",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2098536"
      },
      {
        "category": "external",
        "summary": "2099265",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099265"
      },
      {
        "category": "external",
        "summary": "2099581",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099581"
      },
      {
        "category": "external",
        "summary": "2099609",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099609"
      },
      {
        "category": "external",
        "summary": "2099646",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099646"
      },
      {
        "category": "external",
        "summary": "2099660",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099660"
      },
      {
        "category": "external",
        "summary": "2099724",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099724"
      },
      {
        "category": "external",
        "summary": "2099965",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099965"
      },
      {
        "category": "external",
        "summary": "2100326",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100326"
      },
      {
        "category": "external",
        "summary": "2100352",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100352"
      },
      {
        "category": "external",
        "summary": "2100946",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100946"
      },
      {
        "category": "external",
        "summary": "2101139",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101139"
      },
      {
        "category": "external",
        "summary": "2101380",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101380"
      },
      {
        "category": "external",
        "summary": "2103818",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103818"
      },
      {
        "category": "external",
        "summary": "2104833",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104833"
      },
      {
        "category": "external",
        "summary": "2105075",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6156.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, \u0026 bugfix update",
    "tracking": {
      "current_release_date": "2026-06-02T17:37:36+00:00",
      "generator": {
        "date": "2026-06-02T17:37:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2022:6156",
      "initial_release_date": "2022-08-24T13:45:52+00:00",
      "revision_history": [
        {
          "date": "2022-08-24T13:45:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-08-24T13:45:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T17:37:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHODF 4.11 for RHEL 8",
                "product": {
                  "name": "RHODF 4.11 for RHEL 8",
                  "product_id": "8Base-RHODF-4.11",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_data_foundation:4.11::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Data Foundation"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
                "product": {
                  "name": "odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
                  "product_id": "odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.11.0-45"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
                "product": {
                  "name": "odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
                  "product_id": "odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.11.0-30"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
                "product": {
                  "name": "odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
                  "product_id": "odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
                "product": {
                  "name": "odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
                  "product_id": "odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.11.0-28"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
                "product": {
                  "name": "odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
                  "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.11.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
                "product": {
                  "name": "odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
                  "product_id": "odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.11.0-66"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
                "product": {
                  "name": "odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
                  "product_id": "odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
                "product": {
                  "name": "odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
                  "product_id": "odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.11.0-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
                "product": {
                  "name": "odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
                  "product_id": "odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.11.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
                "product": {
                  "name": "odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
                  "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
                "product": {
                  "name": "odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
                  "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.11.0-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
                "product": {
                  "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
                  "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.11.0-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
                "product": {
                  "name": "odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
                  "product_id": "odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-lvm-must-gather-rhel8\u0026tag=v4.11.0-37"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
                "product": {
                  "name": "odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
                  "product_id": "odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-lvm-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
                "product": {
                  "name": "odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
                  "product_id": "odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-lvm-rhel8-operator\u0026tag=v4.11.0-39"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
                "product": {
                  "name": "odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
                  "product_id": "odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.11.0-45"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
                "product": {
                  "name": "odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
                  "product_id": "odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
                "product": {
                  "name": "odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
                  "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.11.0-29"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
                "product": {
                  "name": "odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
                  "product_id": "odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
                "product": {
                  "name": "odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
                  "product_id": "odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.11.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
                "product": {
                  "name": "odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
                  "product_id": "odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-topolvm-rhel8\u0026tag=v4.11.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
                "product": {
                  "name": "odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
                  "product_id": "odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
                "product": {
                  "name": "odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
                  "product_id": "odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
                "product": {
                  "name": "odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
                  "product_id": "odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.11.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
                "product": {
                  "name": "odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
                  "product_id": "odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.11.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
                "product": {
                  "name": "odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
                  "product_id": "odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=v4.11.0-13"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
                "product": {
                  "name": "odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
                  "product_id": "odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.11.0-45"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
                "product": {
                  "name": "odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
                  "product_id": "odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.11.0-30"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
                "product": {
                  "name": "odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
                  "product_id": "odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
                "product": {
                  "name": "odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
                  "product_id": "odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.11.0-28"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
                "product": {
                  "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
                  "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.11.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
                "product": {
                  "name": "odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
                  "product_id": "odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.11.0-66"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
                "product": {
                  "name": "odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
                  "product_id": "odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
                "product": {
                  "name": "odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
                  "product_id": "odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.11.0-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
                "product": {
                  "name": "odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
                  "product_id": "odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.11.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
                "product": {
                  "name": "odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
                  "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
                "product": {
                  "name": "odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
                  "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.11.0-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
                "product": {
                  "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
                  "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.11.0-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
                "product": {
                  "name": "odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
                  "product_id": "odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-lvm-must-gather-rhel8\u0026tag=v4.11.0-37"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
                "product": {
                  "name": "odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
                  "product_id": "odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-lvm-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
                "product": {
                  "name": "odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
                  "product_id": "odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-lvm-rhel8-operator\u0026tag=v4.11.0-39"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
                "product": {
                  "name": "odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
                  "product_id": "odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.11.0-45"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
                "product": {
                  "name": "odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
                  "product_id": "odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
                "product": {
                  "name": "odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
                  "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.11.0-29"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
                "product": {
                  "name": "odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
                  "product_id": "odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
                "product": {
                  "name": "odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
                  "product_id": "odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.11.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
                "product": {
                  "name": "odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
                  "product_id": "odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-topolvm-rhel8\u0026tag=v4.11.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
                "product": {
                  "name": "odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
                  "product_id": "odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
                "product": {
                  "name": "odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
                  "product_id": "odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
                "product": {
                  "name": "odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
                  "product_id": "odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.11.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
                "product": {
                  "name": "odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
                  "product_id": "odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.11.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
                "product": {
                  "name": "odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
                  "product_id": "odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=v4.11.0-13"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
                "product": {
                  "name": "odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
                  "product_id": "odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.11.0-45"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
                "product": {
                  "name": "odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
                  "product_id": "odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.11.0-30"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
                "product": {
                  "name": "odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
                  "product_id": "odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
                "product": {
                  "name": "odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
                  "product_id": "odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.11.0-28"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
                "product": {
                  "name": "odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
                  "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.11.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
                "product": {
                  "name": "odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
                  "product_id": "odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.11.0-66"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
                "product": {
                  "name": "odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
                  "product_id": "odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
                "product": {
                  "name": "odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
                  "product_id": "odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.11.0-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
                "product": {
                  "name": "odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
                  "product_id": "odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.11.0-51"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
                "product": {
                  "name": "odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
                  "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
                "product": {
                  "name": "odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
                  "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.11.0-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
                "product": {
                  "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
                  "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.11.0-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
                "product": {
                  "name": "odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
                  "product_id": "odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-lvm-must-gather-rhel8\u0026tag=v4.11.0-37"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
                "product": {
                  "name": "odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
                  "product_id": "odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-lvm-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
                "product": {
                  "name": "odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
                  "product_id": "odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-lvm-rhel8-operator\u0026tag=v4.11.0-39"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
                "product": {
                  "name": "odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
                  "product_id": "odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.11.0-45"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
                "product": {
                  "name": "odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
                  "product_id": "odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
                "product": {
                  "name": "odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
                  "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.11.0-29"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
                "product": {
                  "name": "odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
                  "product_id": "odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
                "product": {
                  "name": "odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
                  "product_id": "odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.11.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
                "product": {
                  "name": "odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
                  "product_id": "odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-topolvm-rhel8\u0026tag=v4.11.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
                "product": {
                  "name": "odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
                  "product_id": "odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
                "product": {
                  "name": "odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
                  "product_id": "odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.11.0-137"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
                "product": {
                  "name": "odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
                  "product_id": "odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.11.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
                "product": {
                  "name": "odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
                  "product_id": "odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.11.0-49"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64",
                "product": {
                  "name": "odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64",
                  "product_id": "odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319?arch=amd64\u0026repository_url=registry.redhat.io/odf4/volume-replication-rhel8-operator\u0026tag=v4.11.0-13"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x"
        },
        "product_reference": "odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64"
        },
        "product_reference": "odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le"
        },
        "product_reference": "odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64"
        },
        "product_reference": "odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x"
        },
        "product_reference": "odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
        },
        "product_reference": "odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le"
        },
        "product_reference": "odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64"
        },
        "product_reference": "odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x"
        },
        "product_reference": "odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le"
        },
        "product_reference": "odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x"
        },
        "product_reference": "odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64"
        },
        "product_reference": "odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x"
        },
        "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le"
        },
        "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64"
        },
        "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le"
        },
        "product_reference": "odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64"
        },
        "product_reference": "odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x"
        },
        "product_reference": "odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64"
        },
        "product_reference": "odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x"
        },
        "product_reference": "odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le"
        },
        "product_reference": "odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64"
        },
        "product_reference": "odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le"
        },
        "product_reference": "odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x"
        },
        "product_reference": "odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64"
        },
        "product_reference": "odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le"
        },
        "product_reference": "odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
        },
        "product_reference": "odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x"
        },
        "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le"
        },
        "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64"
        },
        "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le"
        },
        "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x"
        },
        "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64"
        },
        "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64"
        },
        "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x"
        },
        "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le"
        },
        "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64"
        },
        "product_reference": "odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le"
        },
        "product_reference": "odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x"
        },
        "product_reference": "odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le"
        },
        "product_reference": "odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x"
        },
        "product_reference": "odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64"
        },
        "product_reference": "odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x"
        },
        "product_reference": "odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le"
        },
        "product_reference": "odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64"
        },
        "product_reference": "odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64"
        },
        "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le"
        },
        "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x"
        },
        "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64"
        },
        "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x"
        },
        "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le"
        },
        "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x"
        },
        "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64"
        },
        "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le"
        },
        "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le"
        },
        "product_reference": "odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64"
        },
        "product_reference": "odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x"
        },
        "product_reference": "odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64"
        },
        "product_reference": "odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x"
        },
        "product_reference": "odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le"
        },
        "product_reference": "odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x"
        },
        "product_reference": "odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le"
        },
        "product_reference": "odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64"
        },
        "product_reference": "odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64"
        },
        "product_reference": "odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x"
        },
        "product_reference": "odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le"
        },
        "product_reference": "odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x"
        },
        "product_reference": "odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le"
        },
        "product_reference": "odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64"
        },
        "product_reference": "odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x"
        },
        "product_reference": "odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64"
        },
        "product_reference": "odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
        },
        "product_reference": "odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x"
        },
        "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64"
        },
        "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
        },
        "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le"
        },
        "product_reference": "odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x"
        },
        "product_reference": "odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64 as a component of RHODF 4.11 for RHEL 8",
          "product_id": "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        },
        "product_reference": "odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64",
        "relates_to_product_reference": "8Base-RHODF-4.11"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-23440",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "discovery_date": "2021-09-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2004944"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A type confusion vulnerability in nodejs-set-value can lead to a bypass of CVE-2019-10747. If the user-provided keys used in the path parameter are arrays, the function mixin-deep can be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype, or _proto_ payloads. This vulnerability can impact data confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nodejs-set-value: type confusion allows bypass of CVE-2019-10747",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-23440"
        },
        {
          "category": "external",
          "summary": "RHBZ#2004944",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004944"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23440",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-23440"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23440",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23440"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-4jqc-8m5r-9rpr",
          "url": "https://github.com/advisories/GHSA-4jqc-8m5r-9rpr"
        }
      ],
      "release_date": "2021-09-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nodejs-set-value: type confusion allows bypass of CVE-2019-10747"
    },
    {
      "cve": "CVE-2021-23566",
      "cwe": {
        "id": "CWE-212",
        "name": "Improper Removal of Sensitive Information Before Storage or Transfer"
      },
      "discovery_date": "2022-02-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2050853"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the nanoid library where the valueOf() function allows the reproduction of the last id generated. This flaw allows an attacker to expose sensitive information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "nanoid: Information disclosure via valueOf() function",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-23566"
        },
        {
          "category": "external",
          "summary": "RHBZ#2050853",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050853"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23566",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-23566"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23566",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23566"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2",
          "url": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2"
        }
      ],
      "release_date": "2022-01-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "nanoid: Information disclosure via valueOf() function"
    },
    {
      "cve": "CVE-2022-0235",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "discovery_date": "2022-01-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2044591"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-fetch: exposure of sensitive information to an unauthorized actor",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0235"
        },
        {
          "category": "external",
          "summary": "RHBZ#2044591",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235"
        },
        {
          "category": "external",
          "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/",
          "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/"
        }
      ],
      "release_date": "2022-01-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "node-fetch: exposure of sensitive information to an unauthorized actor"
    },
    {
      "cve": "CVE-2022-0536",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "discovery_date": "2022-02-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053259"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the follow-redirects package. This flaw allows the exposure of sensitive information to an unauthorized actor due to the usage of insecure HTTP protocol. This issue happens with an Authorization header leak from the same hostname, https-http, and requires a Man-in-the-Middle (MITM) attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0536"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053259",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053259"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0536",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0536"
        }
      ],
      "release_date": "2022-02-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "follow-redirects: Exposure of Sensitive Information via Authorization Header leak"
    },
    {
      "cve": "CVE-2022-1650",
      "cwe": {
        "id": "CWE-359",
        "name": "Exposure of Private Personal Information to an Unauthorized Actor"
      },
      "discovery_date": "2022-05-12T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2085307"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the EventSource NPM Package. The description from the source states the following message: \"Exposure of Sensitive Information to an Unauthorized Actor.\" This flaw allows an attacker to steal the user\u0027s credentials and then use the credentials to access the legitimate website.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "eventsource: Exposure of Sensitive Information",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1650"
        },
        {
          "category": "external",
          "summary": "RHBZ#2085307",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085307"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1650",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1650"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1650",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1650"
        },
        {
          "category": "external",
          "summary": "https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e",
          "url": "https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e"
        }
      ],
      "release_date": "2022-05-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "eventsource: Exposure of Sensitive Information"
    },
    {
      "cve": "CVE-2022-21698",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "discovery_date": "2022-01-19T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2045880"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has been rated as having a moderate impact for two main reasons. The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. Additionally, this is in alignment with upstream\u0027s (the Prometheus project) impact rating.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21698"
        },
        {
          "category": "external",
          "summary": "RHBZ#2045880",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21698",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p",
          "url": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter"
    },
    {
      "cve": "CVE-2022-23772",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053532"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053532",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23772",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString"
    },
    {
      "cve": "CVE-2022-23773",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053541"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053541",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23773",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control"
    },
    {
      "cve": "CVE-2022-23806",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053429"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 8 and 9 are affected because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having a Moderate security impact. The issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7; hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16 \u0026 1.17), will not be addressed in future updates as shipped only in RHEL-7, hence, marked as Out-of-Support-Scope.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.\n\nThe vulnerability lies in the crypto/elliptic: IsOnCurve taking in negative and invalid forms of data input and resulting in a panic, the resulting invalid data input is also resulting in data sinks in other functions such as marshall that handle elliptic curve cryptography by converting points on an elliptic curve into a binary format for storage or transmission and scalarmult which provides scalar multiplication, all three function takes in invalid forms of data and results in a crash, although the main culprit being isoncurve function, considering the attack complexity being high as the data that reaches the vulnerable function could already be stripped of negative sign and the resultant successful exploitation only leading to a panic/crash the vulnerability has been rated as Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053429",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23806",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements"
    },
    {
      "cve": "CVE-2022-24675",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/pem: fix stack overflow in Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/pem: fix stack overflow in Decode"
    },
    {
      "cve": "CVE-2022-24771",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2022-03-23T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2067387"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects the DigestAlgorithm structure.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24771"
        },
        {
          "category": "external",
          "summary": "RHBZ#2067387",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067387"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24771",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24771"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24771",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24771"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-cfm4-qjh2-4765"
        }
      ],
      "release_date": "2022-03-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery"
    },
    {
      "cve": "CVE-2022-24772",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2022-03-23T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2067458"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects the DigestInfo ASN.1 structure.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24772"
        },
        {
          "category": "external",
          "summary": "RHBZ#2067458",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067458"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24772",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24772"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24772"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g"
        }
      ],
      "release_date": "2022-03-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery"
    },
    {
      "cve": "CVE-2022-24773",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2022-03-23T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2067461"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the node-forge library when verifying the signature on the ASN.1 structure in RSA PKCS#1 v1.5. This flaw allows an attacker to obtain successful verification for invalid DigestInfo structure, affecting the integrity of the attacked resource.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "node-forge: Signature verification leniency in checking `DigestInfo` structure",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24773"
        },
        {
          "category": "external",
          "summary": "RHBZ#2067461",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067461"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24773",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24773"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24773",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24773"
        },
        {
          "category": "external",
          "summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr",
          "url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr"
        }
      ],
      "release_date": "2022-03-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "node-forge: Signature verification leniency in checking `DigestInfo` structure"
    },
    {
      "cve": "CVE-2022-24785",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2022-04-05T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Moment.js: Path traversal  in moment.locale",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Quay 3.10 and above, no version of affected momentjs is present.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
          "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
        }
      ],
      "release_date": "2022-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        },
        {
          "category": "workaround",
          "details": "Sanitize the user-provided locale name before passing it to Moment.js.",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Moment.js: Path traversal  in moment.locale"
    },
    {
      "cve": "CVE-2022-24921",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-03-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2064857"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow flaw was found in Golang\u0027s regexp module, which can crash the runtime if the application using regexp accepts very long or arbitrarily long regexps from untrusted sources that have sufficient nesting depths. To exploit this vulnerability, an attacker would need to send large regexps with deep nesting to the application. Triggering this flaw leads to a crash of the runtime, which causes a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: regexp: stack exhaustion via a deeply nested expression",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has been rated as a Moderate impact flaw because the exploitation of this flaw requires that an affected application accept arbitrarily long regexps from untrusted sources, which has inherent risks (even without this flaw), especially involving impacts to application availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "RHBZ#2064857",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24921",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk",
          "url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"
        }
      ],
      "release_date": "2022-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: regexp: stack exhaustion via a deeply nested expression"
    },
    {
      "cve": "CVE-2022-28327",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077689"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: panic caused by oversized scalar",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077689",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: panic caused by oversized scalar"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jo\u00ebl G\u00e4hwiler"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-29526",
      "cwe": {
        "id": "CWE-358",
        "name": "Improperly Implemented Security Check for Standard"
      },
      "discovery_date": "2022-05-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2084085"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file\u0027s group, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: faccessat checks wrong group",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2084085",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        }
      ],
      "release_date": "2022-05-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: faccessat checks wrong group"
    },
    {
      "cve": "CVE-2022-29810",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "discovery_date": "2022-04-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2080279"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in go-getter, where the go-getter library can write SSH credentials into its log file. This flaw allows a local user with access to read log files to read sensitive credentials, which may lead to privilege escalation or account takeover.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29810"
        },
        {
          "category": "external",
          "summary": "RHBZ#2080279",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2080279"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29810",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29810"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29810",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29810"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/vulndb/issues/438",
          "url": "https://github.com/golang/vulndb/issues/438"
        }
      ],
      "release_date": "2022-04-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses"
    },
    {
      "cve": "CVE-2022-31129",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-07-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2105075"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "moment: inefficient parsing algorithm resulting in DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
          "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
          "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
          "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
          "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
          "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
          "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
          "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
          "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
          "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
          "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
          "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
          "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
          "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
          "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
          "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
          "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
          "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-31129"
        },
        {
          "category": "external",
          "summary": "RHBZ#2105075",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
        },
        {
          "category": "external",
          "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
          "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
        }
      ],
      "release_date": "2022-07-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-24T13:45:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6156"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:3f7fbeb56a29d3e23855368a1fca0cf86d055e4d9ff0fe387eae1ae3bf266056_s390x",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:b795c0b44236237d5efca90eb9e2786a9b3e82968d5022eaed8848c7f49bb38d_amd64",
            "8Base-RHODF-4.11:odf4/cephcsi-rhel8@sha256:c45d178764106cb22cdc5f9adb354ea11211712e5be93b7a067d28f410067f0c_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:25e9cf317088b7a827629cb40ee7f816994b465e86f3b2df5a97931cfa4eb40d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:ab449f9f9aa1df48e076c283b19f32361ee5d531ffe13922401107095814708d_s390x",
            "8Base-RHODF-4.11:odf4/mcg-core-rhel8@sha256:d675998c5c475f799e937a3f90e59813d583e8f84a7f6759298ba92e50a9c288_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:0595b90d21f7a5a0ea91a11492f1dbfbe2759ecd9707a8e9e4953d57c973f801_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:4c9db259686a6de3247892d1ec915d185d5276e0d4de3545e4cf81ec8310c87d_amd64",
            "8Base-RHODF-4.11:odf4/mcg-operator-bundle@sha256:645eaf6f2412322d28789021b9393fb368156c4f2aa14528fe9209e3c22fe475_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:257eb2ca9f59ff15db9018038422382a6887b82c603515cd1b2b12781fbb189a_ppc64le",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:8d7d066a645cade7d01ecd3d0427cbadca889dc8c1a3ffde1f4193b777975c75_s390x",
            "8Base-RHODF-4.11:odf4/mcg-rhel8-operator@sha256:fc2c495c5236268e095265dd202587ab7bcf376b14a1e4d05875f5e053635cb0_amd64",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:261691407d9e36597d6de3fb2d7707f78ea9cdd91f6f674f86cfd9727c3ce739_s390x",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:6e447521417d9331f471ed77645354406adf47b94497c5f8f13a8966e6534cec_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-metrics-exporter-rhel8@sha256:9068cccd15cbe2c2c36c4a5633f704616653dc735256d78f588ec6e2b7e1e612_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:012fcf6f037110f56be4a72bb48ede013b764a0ee4615718d985397cafe11129_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:83b0764e21d3a1d2b4efe26bed9a3fdfe4b370ec9f7c4e2bf9cee44a9c33c5bb_amd64",
            "8Base-RHODF-4.11:odf4/ocs-must-gather-rhel8@sha256:8d177becb51a16957264e508d623fa2c0f11505b3819b306f39da154db947d91_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:088b8dc1d459270629610aab02666f99262c9675336d812b24e43df135d9e96a_amd64",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:0f61780f3b698672e76029d705abd69349cd01782626f66e9fd029be71b9c336_s390x",
            "8Base-RHODF-4.11:odf4/ocs-operator-bundle@sha256:4506d1dc937411d88d435e23b7bfd17cc48d04e237f697f0cb8d9da6c4b3daf4_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:57947da5535936416a10a9de871aa37dd69e157b762577ba30b7f8d1332eb644_amd64",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:717c291c0eae097da0432f36efc4c070c9e1fc3824344ad6ccac254a720fac05_ppc64le",
            "8Base-RHODF-4.11:odf4/ocs-rhel8-operator@sha256:ebe1cd859b8483554955c12229be987622825fb292f522a50e2d8c289c53cd65_s390x",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:a5fa14675b15c4e59ab9717051e3de0692e36baab909af1409075c7e85402c26_amd64",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:aa873670a03cda9fb7a56130f0be4f827dafe4aba7d00833f7020f8ce0a978ae_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-console-rhel8@sha256:e7055ac1518d19cd288af0a829f8e28fd1eef92e3e03044225b4c9b204e4d1e8_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:4776158851b33c146ef13f861d59db2340e74f86c35dfc6ab08f2fb7e2455a3b_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:74a8060b385b219f44eca200ca1e9e59006ea65fa8b3179b82511ccf94109134_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-operator-bundle@sha256:d969a8b0b2871ada6387543aef2482f42e8d7572da48f143e0ef3b66a1916cf5_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:055c71b5a6ae1a4ba5865dc6fca134523a793b30b1183da4ae318895692c5075_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:58ce943524354477e5c7792b9976aee14bc5589eeed4f8c9f891a4669620d0a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-rhel8-operator@sha256:bdafb62d8443db185ee2b766a4dcfef5fe38b8cade9f8ae19b736e9041fc5aea_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:0b9ecf62630f7ec27789275d02559675f58ed8efb9021f3af2031fde0a09fe6a_amd64",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:3ddf8e31f143ae15205e149921189fb3ea078064bfc1f059bfa0be4f6682a411_s390x",
            "8Base-RHODF-4.11:odf4/odf-csi-addons-sidecar-rhel8@sha256:6789e86605df10211bf7b0c51d89331164b8904002a84d846f02ae1f07b02de5_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b2104f1c1ea290abe89d5079a67f6adb6ecfa0fee06b87f907e51ae9ae09f1ce_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:b5eb82998b58c69f3b86dbd8422b0b3d539f9f7f6e41487087c5eae2e31978b2_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-must-gather-rhel8@sha256:c54add471c2ba0d6c6ae845908879a469fa4d51cfc03b5d824890464357410dc_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:1565dfca546929367e38ef7a9177485ddc330e07740fe05759312d8ffda1e5ed_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:ef8c8b736d860519a8d2dc9e53c932e49897c9865c11f55d00fc53c1c6b6b5be_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-operator-bundle@sha256:f25a6bce26e7464a67d77f8a598c5935ea81e125ae8e6cccaacb8b1ffc6b15f9_amd64",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:7af78e53c59a9113d7dbf0032acd27800c8e20a45f0558cfa19b75d992b2226c_s390x",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:a9403dfbec7706ddb25c1c10351676f90508f1961799cb5e5ad105f012f1165a_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-lvm-rhel8-operator@sha256:f13ed10fbb0c41c29af589134a0b1dcf940014711c181d3042686ec19032da10_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:363a523bcadfe94232264b87d484feee2bed956a578a442bcfcb9eb424fbca28_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:647b2c224070a0b32a8c9ea1ed0d6ebe78a0a73f064187e99c2d995bfe3c75fb_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-console-rhel8@sha256:71732a5f18f3020ed202f295dd06f7da56fd4c12e44663fb00ae76535bae11a5_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:30fadecc3fc709d2b63ba88f66abcf8b4a2912dd43a99025211391961c7c4899_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:6744d76335628f60d980b40c01997392835e5543f6ccd18b83fadb25c62d939f_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-operator-bundle@sha256:95bddcca209809635cf3f25a9f03f65bd6500b32eca6d77047627b421cf5c733_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:46a6ff2d2f0510628d6307773c800e7c8a9f7ba4f023493c9431307ba2432f9a_s390x",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:4ddf48a5670e1822b2013503cfb4bc9fb92164d3fe38d2f933bbb24b7417380f_amd64",
            "8Base-RHODF-4.11:odf4/odf-multicluster-rhel8-operator@sha256:95aee2ec39f6dd03a66655251063d3babad72422264b41139b0ee68f78cc9077_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:2dd1aa2a2abcbda0d921aaad29db55ae40a5869b62c7e14e5bd2ff71dc647c09_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:45695f266a4b31df6805ab24977e490f8d71b0e32ff4dfb2e0b397c66de66b21_amd64",
            "8Base-RHODF-4.11:odf4/odf-operator-bundle@sha256:bb65d8368da1cde5bccc7cfc2a9325c3357fb6f9701ccdee1b10252e2f23f6f0_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:007fa00f8c6cebc70ca122b2bd42b2833bfbd8990a377f297f3baab264410f6b_amd64",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:67e58a5edb0c3f482254eaa84b70b85e143fd80bedab32207b78e453e64ef1e6_s390x",
            "8Base-RHODF-4.11:odf4/odf-rhel8-operator@sha256:da3013f2a8d13db71e80f7085b69f1bf9f5e518d94eadf1204b431af4dc989f4_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:1240938e119303864ba4b6ad342beec13cced941a7ddb08f6003afebead9e88f_s390x",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:175337b3cba8447d0e8a05585faf4609cab47c4bf53be9bf6a2df05b8fa80ffa_ppc64le",
            "8Base-RHODF-4.11:odf4/odf-topolvm-rhel8@sha256:e0320e6557c1437af33a841b18ba70f4c2f0552b70180ba8b180c123d7f2f4f2_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:6aaa2a3d22794a96700450e25dcb873f3d4524ef901a023698f5728c5ca21800_amd64",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:d630da32e1e6c35a11ceb493fd7462b08fc27789fe0e0837cd7f5840a13bab44_s390x",
            "8Base-RHODF-4.11:odf4/odr-cluster-operator-bundle@sha256:eeda649c14488b6c57fc55af14b07e04173524bd7bc3b37e85ce2eaba50393dd_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:4186520d7a08afc8facfb6a804ae5e87eb6830d4063376416f87e24cd2f637b6_s390x",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:aacaa2b2c859b007212ecfdd2ea9fcbe152f293ea3f688e7e0a6316e1a8d04eb_ppc64le",
            "8Base-RHODF-4.11:odf4/odr-hub-operator-bundle@sha256:f5fc8d49a34bbcb6e18985593cb7f6ced9a4a81cb2d5dcc3207464f4eec8afe6_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:1f4065509ed12724f26b3ae5541f5e39bb9880b8d38f487b54db004d4cfedc54_s390x",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:66c69af462e5241eadc9e19cf2896f0986a423513b3b7f33228602038047d93e_amd64",
            "8Base-RHODF-4.11:odf4/odr-rhel8-operator@sha256:f647abc5dec4edada3f6d2db3d50b38ff90fc8a259d67465603a5f2fb40287c9_ppc64le",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:2e8b52f2f4eda1e7ea4ff737a9a5a839de25c378060237d1c35ca06ef1832b3c_s390x",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:5dea95a7f7ddc016993439441d53ed2ea553d2fabe3662a3f752c5c7ec0e5d64_amd64",
            "8Base-RHODF-4.11:odf4/rook-ceph-rhel8-operator@sha256:ede9a7e533fab96106afc33078b45785adc955aa43e2529b933164e0c14e74f2_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:57980c6f7c978f4062455c5d69aa430ad2ba2e00c1410076f4f2880c08e41393_ppc64le",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:b29e58dac60a544d740856b60266b9540e35a5e11aab859d89801ea34bc2c86a_s390x",
            "8Base-RHODF-4.11:odf4/volume-replication-rhel8-operator@sha256:c09762cf6683233431900504dc8b74962a652e3736d44502dc6970f59a540319_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "moment: inefficient parsing algorithm resulting in DoS"
    }
  ]
}

RHSA-2022:6277

Vulnerability from csaf_redhat - Published: 2022-08-31 16:58 - Updated: 2026-06-02 17:37

Summary

Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.5 security update

Severity

Moderate

Notes

Topic: Red Hat OpenShift Service Mesh 2.1.5 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Security Fix(es): * moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129) * golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) * moment: Moment.js: Path traversal in moment.locale (CVE-2022-24785) * golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921) * golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-24675

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 25 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix

Known not affected 11 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch		—

Threats

Impact Moderate

CVE-2022-24785

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64	—	Vendor Fix fix Workaround

Known not affected 32 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src	—	Workaround
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64	—	Workaround

Threats

Impact Moderate

CVE-2022-24921

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 13 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix

Known not affected 23 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64		—

Threats

Impact Moderate

CVE-2022-28327

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 25 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix

Known not affected 11 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch		—

Threats

Impact Moderate

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-358 - Improperly Implemented Security Check for Standard

Affected products

Fixed 8 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64	—	Vendor Fix fix

Known not affected 28 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64		—

Threats

Impact Moderate

CVE-2022-30629

A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-331 - Insufficient Entropy

Affected products

Fixed 36 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64	—	Vendor Fix fix

Threats

Impact Low

CVE-2022-31129

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src	—	Vendor Fix fix
Unresolved product id: 8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64	—	Vendor Fix fix

Known not affected 32 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src		—
Unresolved product id: 8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64		—

Threats

Impact Moderate

References

44 references

URL	Category
https://access.redhat.com/errata/RHSA-2022:6277	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2064857	external
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://bugzilla.redhat.com/show_bug.cgi?id=2105075	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2022-24675	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://www.cve.org/CVERecord?id=CVE-2022-24675	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24675	external
https://groups.google.com/g/golang-announce/c/oec…	external
https://access.redhat.com/security/cve/CVE-2022-24785	self
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://www.cve.org/CVERecord?id=CVE-2022-24785	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24785	external
https://github.com/moment/moment/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2022-24921	self
https://bugzilla.redhat.com/show_bug.cgi?id=2064857	external
https://www.cve.org/CVERecord?id=CVE-2022-24921	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24921	external
https://groups.google.com/g/golang-announce/c/RP1…	external
https://access.redhat.com/security/cve/CVE-2022-28327	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://www.cve.org/CVERecord?id=CVE-2022-28327	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28327	external
https://access.redhat.com/security/cve/CVE-2022-29526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://www.cve.org/CVERecord?id=CVE-2022-29526	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29526	external
https://groups.google.com/g/golang-announce/c/Y5q…	external
https://access.redhat.com/security/cve/CVE-2022-30629	self
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://www.cve.org/CVERecord?id=CVE-2022-30629	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30629	external
https://groups.google.com/g/golang-announce/c/TzI…	external
https://access.redhat.com/security/cve/CVE-2022-31129	self
https://bugzilla.redhat.com/show_bug.cgi?id=2105075	external
https://www.cve.org/CVERecord?id=CVE-2022-31129	external
https://nvd.nist.gov/vuln/detail/CVE-2022-31129	external
https://github.com/moment/moment/security/advisor…	external

Acknowledgments

Joël Gähwiler

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Service Mesh 2.1.5\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nThis advisory covers the RPM packages for the release.\n\nSecurity Fix(es):\n\n* moment: inefficient parsing algorithm resulting in DoS (CVE-2022-31129)\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n* moment: Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:6277",
        "url": "https://access.redhat.com/errata/RHSA-2022:6277"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2064857",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
      },
      {
        "category": "external",
        "summary": "2072009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
      },
      {
        "category": "external",
        "summary": "2077688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
      },
      {
        "category": "external",
        "summary": "2077689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
      },
      {
        "category": "external",
        "summary": "2084085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
      },
      {
        "category": "external",
        "summary": "2092793",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
      },
      {
        "category": "external",
        "summary": "2105075",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6277.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.5 security update",
    "tracking": {
      "current_release_date": "2026-06-02T17:37:39+00:00",
      "generator": {
        "date": "2026-06-02T17:37:39+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2022:6277",
      "initial_release_date": "2022-08-31T16:58:21+00:00",
      "revision_history": [
        {
          "date": "2022-08-31T16:58:21+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-08-31T16:58:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T17:37:39+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Service Mesh 2.1",
                "product": {
                  "name": "OpenShift Service Mesh 2.1",
                  "product_id": "8Base-OSSM-2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_mesh:2.1::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Service Mesh"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-debugsource@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-debuginfo@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-operator-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-operator-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-operator-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-operator@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-cni-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-cni-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-cni-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-cni@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-pilot-agent@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
                "product": {
                  "name": "servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
                  "product_id": "servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9.el8?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
                "product": {
                  "name": "servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
                  "product_id": "servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-ratelimit@2.1.5-1.el8?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "servicemesh-proxy-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-proxy-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-proxy-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-debugsource@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-debuginfo@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-operator-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-operator-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-operator-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-operator@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-cni-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-cni-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-cni-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-cni@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-pilot-agent@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@2.1.5-1.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-prometheus-0:2.23.0-9.el8.s390x",
                "product": {
                  "name": "servicemesh-prometheus-0:2.23.0-9.el8.s390x",
                  "product_id": "servicemesh-prometheus-0:2.23.0-9.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9.el8?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
                "product": {
                  "name": "servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
                  "product_id": "servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-ratelimit@2.1.5-1.el8?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
                "product": {
                  "name": "servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
                  "product_id": "servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-wasm@2.1.5-1.el8?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "servicemesh-proxy-0:2.1.5-1.el8.src",
                "product": {
                  "name": "servicemesh-proxy-0:2.1.5-1.el8.src",
                  "product_id": "servicemesh-proxy-0:2.1.5-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy@2.1.5-1.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-operator-0:2.1.5-1.el8.src",
                "product": {
                  "name": "servicemesh-operator-0:2.1.5-1.el8.src",
                  "product_id": "servicemesh-operator-0:2.1.5-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-operator@2.1.5-1.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-0:2.1.5-1.el8.src",
                "product": {
                  "name": "servicemesh-0:2.1.5-1.el8.src",
                  "product_id": "servicemesh-0:2.1.5-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh@2.1.5-1.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-prometheus-0:2.23.0-9.el8.src",
                "product": {
                  "name": "servicemesh-prometheus-0:2.23.0-9.el8.src",
                  "product_id": "servicemesh-prometheus-0:2.23.0-9.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-ratelimit-0:2.1.5-1.el8.src",
                "product": {
                  "name": "servicemesh-ratelimit-0:2.1.5-1.el8.src",
                  "product_id": "servicemesh-ratelimit-0:2.1.5-1.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-ratelimit@2.1.5-1.el8?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "servicemesh-proxy-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-proxy-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-proxy-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-debugsource@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-proxy-debuginfo@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-operator-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-operator-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-operator-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-operator@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-cni-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-cni-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-cni-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-cni@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-pilot-agent@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@2.1.5-1.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
                "product": {
                  "name": "servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
                  "product_id": "servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-prometheus@2.23.0-9.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "servicemesh-ratelimit-0:2.1.5-1.el8.x86_64",
                "product": {
                  "name": "servicemesh-ratelimit-0:2.1.5-1.el8.x86_64",
                  "product_id": "servicemesh-ratelimit-0:2.1.5-1.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/servicemesh-ratelimit@2.1.5-1.el8?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-0:2.1.5-1.el8.src as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src"
        },
        "product_reference": "servicemesh-0:2.1.5-1.el8.src",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-cni-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-cni-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-cni-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-cni-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-cni-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-cni-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-operator-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-operator-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-operator-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-operator-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-operator-0:2.1.5-1.el8.src as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src"
        },
        "product_reference": "servicemesh-operator-0:2.1.5-1.el8.src",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-operator-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-operator-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-prometheus-0:2.23.0-9.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le"
        },
        "product_reference": "servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-prometheus-0:2.23.0-9.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x"
        },
        "product_reference": "servicemesh-prometheus-0:2.23.0-9.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-prometheus-0:2.23.0-9.el8.src as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src"
        },
        "product_reference": "servicemesh-prometheus-0:2.23.0-9.el8.src",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-prometheus-0:2.23.0-9.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
        },
        "product_reference": "servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-proxy-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-0:2.1.5-1.el8.src as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src"
        },
        "product_reference": "servicemesh-proxy-0:2.1.5-1.el8.src",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-proxy-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch"
        },
        "product_reference": "servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le"
        },
        "product_reference": "servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-ratelimit-0:2.1.5-1.el8.s390x as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x"
        },
        "product_reference": "servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-ratelimit-0:2.1.5-1.el8.src as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src"
        },
        "product_reference": "servicemesh-ratelimit-0:2.1.5-1.el8.src",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "servicemesh-ratelimit-0:2.1.5-1.el8.x86_64 as a component of OpenShift Service Mesh 2.1",
          "product_id": "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        },
        "product_reference": "servicemesh-ratelimit-0:2.1.5-1.el8.x86_64",
        "relates_to_product_reference": "8Base-OSSM-2.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-24675",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/pem: fix stack overflow in Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ],
        "known_not_affected": [
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/pem: fix stack overflow in Decode"
    },
    {
      "cve": "CVE-2022-24785",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2022-04-05T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Moment.js: Path traversal  in moment.locale",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Quay 3.10 and above, no version of affected momentjs is present.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
        ],
        "known_not_affected": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
          "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
        }
      ],
      "release_date": "2022-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        },
        {
          "category": "workaround",
          "details": "Sanitize the user-provided locale name before passing it to Moment.js.",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Moment.js: Path traversal  in moment.locale"
    },
    {
      "cve": "CVE-2022-24921",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-03-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2064857"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow flaw was found in Golang\u0027s regexp module, which can crash the runtime if the application using regexp accepts very long or arbitrarily long regexps from untrusted sources that have sufficient nesting depths. To exploit this vulnerability, an attacker would need to send large regexps with deep nesting to the application. Triggering this flaw leads to a crash of the runtime, which causes a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: regexp: stack exhaustion via a deeply nested expression",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has been rated as a Moderate impact flaw because the exploitation of this flaw requires that an affected application accept arbitrarily long regexps from untrusted sources, which has inherent risks (even without this flaw), especially involving impacts to application availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64"
        ],
        "known_not_affected": [
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "RHBZ#2064857",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24921",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk",
          "url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"
        }
      ],
      "release_date": "2022-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: regexp: stack exhaustion via a deeply nested expression"
    },
    {
      "cve": "CVE-2022-28327",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077689"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: panic caused by oversized scalar",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ],
        "known_not_affected": [
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077689",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: panic caused by oversized scalar"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jo\u00ebl G\u00e4hwiler"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-29526",
      "cwe": {
        "id": "CWE-358",
        "name": "Improperly Implemented Security Check for Standard"
      },
      "discovery_date": "2022-05-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2084085"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file\u0027s group, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: faccessat checks wrong group",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
        ],
        "known_not_affected": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2084085",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        }
      ],
      "release_date": "2022-05-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: faccessat checks wrong group"
    },
    {
      "cve": "CVE-2022-30629",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "discovery_date": "2022-06-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2092793"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: session tickets lack random ticket_age_add",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "RHBZ#2092793",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30629",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg",
          "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg"
        }
      ],
      "release_date": "2022-06-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: crypto/tls: session tickets lack random ticket_age_add"
    },
    {
      "cve": "CVE-2022-31129",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-07-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2105075"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Moment.js package. Users who pass user-provided strings without sanity length checks to the moment constructor are vulnerable to regular expression denial of service (ReDoS) attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "moment: inefficient parsing algorithm resulting in DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Fuse provides the affected software but does not use the functionality and as such its impact has been downgraded to Low.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) ships a vulnerable version of the moment library. However, this affected functionality is restricted behind OAuth, reducing the impact to Moderate.\n\nRed Hat Satellite ships a vulnerable version of the moment library. However, this only affects a specific component (qpid-dispatch), reducing the impact to Moderate.\n\nRed Hat Ceph Storage (RHCS) ships a vulnerable version of the moment library, however, it is not directly used and is a transitive dependency from Angular. In addition, the impact would only be to the grafana browser, and not the underlying RHCS system, which reduces the impact to Moderate. \n\nRed Hat OpenShift Service Mesh (OSSM) ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nRed Hat OpenShift distributed tracing ships a vulnerable version of the moment library, however, it is not directly used, and as such, the impact has been lowered to Moderate.\n\nIn Logging Subsystem for Red Hat OpenShift the vulnerable moment nodejs package is bundled in the ose-logging-kibana6 container as a transitive dependency, hence the direct impact is reduced to Moderate.\n\nIn OpenShift Container Platform 4 the vulnerabile moment package is a third party dependency, hence the direct impact is reduced to Moderate.\n\nIn Quay IO 3.10 and above, no version of affected momentjs is present.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
          "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
        ],
        "known_not_affected": [
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
          "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
          "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-31129"
        },
        {
          "category": "external",
          "summary": "RHBZ#2105075",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105075"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31129",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31129"
        },
        {
          "category": "external",
          "summary": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g",
          "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
        }
      ],
      "release_date": "2022-07-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-08-31T16:58:21+00:00",
          "details": "The OpenShift Service Mesh Release Notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/v2x/servicemesh-release-notes.html",
          "product_ids": [
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6277"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-cni-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-operator-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-agent-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-pilot-discovery-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.src",
            "8Base-OSSM-2.1:servicemesh-prometheus-0:2.23.0-9.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-proxy-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debuginfo-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-proxy-debugsource-0:2.1.5-1.el8.x86_64",
            "8Base-OSSM-2.1:servicemesh-proxy-wasm-0:2.1.5-1.el8.noarch",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.ppc64le",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.s390x",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.src",
            "8Base-OSSM-2.1:servicemesh-ratelimit-0:2.1.5-1.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "moment: inefficient parsing algorithm resulting in DoS"
    }
  ]
}

RHSA-2022:6714

Vulnerability from csaf_redhat - Published: 2022-09-26 15:26 - Updated: 2026-06-07 01:01

Summary

Red Hat Security Advisory: RHACS 3.72 enhancement and security update

Severity

Moderate

Notes

Topic: Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Release of RHACS 3.72 provides these changes: New features * Automatic removal of nonactive clusters from RHACS: RHACS provides the ability to configure your system to automatically remove nonactive clusters from RHACS so that you can monitor active clusters only. * Support for unauthenticated email integration: RHACS now supports unauthenticated SMTP for email integrations. This is insecure and not recommended. * Support for Quay robot accounts: RHACS now supports use of robot accounts in quay.io integrations. You can create robot accounts in Quay that allow you to share credentials for use in multiple repositories. * Ability to view Dockerfile lines in images that introduced components with Common Vulnerabilities and Exposures (CVEs): In the Images view, under Image Findings, you can view individual lines in the Dockerfile that introduced the components that have been identified as containing CVEs. * Network graph improvements: RHACS 3.72 includes some improvements to the Network Graph user interface. Known issue * RHACS shows the wrong severity when two severities exist for a single vulnerability in a single distribution. This issue occurs because RHACS scopes severities by namespace rather than component. There is no workaround. It is anticipated that an upcoming release will include a fix for this issue. (ROX-12527) Bug fixes * Before this update, the steps to configure OpenShift Container Platform OAuth for more than one URI were missing. The documentation has been revised to include instructions for configuring OAuth in OpenShift Container Platform to use more than one URI. For more information, see Creating additional routes for the OpenShift Container Platform OAuth server. (ROX-11296) * Before this update, the autogenerated image integration, such as a Docker registry integration, for a cluster is not deleted when the cluster is removed from Central. This issue is fixed. (ROX-9398) * Before this update, the Image OS policy criteria did not support regular expressions, or regex. However, the documentation indicated that regular expressions were supported. This issue is fixed by adding support for regular expressions for the Image OS policy criteria. (ROX-12301) * Before this update, the syslog integration did not respect a configured TCP proxy. This is now fixed. * Before this update, the scanner-db pod failed to start when a resource quota was set for the stackrox namespace, because the init-db container in the pod did not have any resources assigned to it. The init-db container for ScannerDB now specifies resource requests and limits that match the db container. (ROX-12291) Notable technical changes * Scanning support for Red Hat Enterprise Linux 9: RHEL 9 is now generally available (GA). RHACS 3.72 introduces support for analyzing images built with Red Hat Universal Base Image (UBI) 9 and Red Hat Enterprise Linux (RHEL) 9 RPMs for vulnerabilities. * Policy for CVEs with fixable CVSS of 6 or greater disabled by default: Beginning with this release, the Fixable CVSS >= 6 and Privileged policy is no longer enabled by default for new RHACS installations. The configuration of this policy is not changed when upgrading an existing system. A new policy Privileged Containers with Important and Critical Fixable CVEs, which gives an alert for containers running in privileged mode that have important or critical fixable vulnerabilities, has been added. Security Fix(es) * golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) * golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921) * golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-24675

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64	—	Vendor Fix fix

Known not affected 5 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64		—

Threats

Impact Moderate

CVE-2022-24921

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64	—	Vendor Fix fix

Known not affected 5 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64		—

Threats

Impact Moderate

CVE-2022-28327

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64	—	Vendor Fix fix

Known not affected 5 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64		—

Threats

Impact Moderate

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-358 - Improperly Implemented Security Check for Standard

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64	—	Vendor Fix fix

Known not affected 5 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64		—

Threats

Impact Moderate

CVE-2022-30631

A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64	—	Vendor Fix fix

Known not affected 5 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64		—
Unresolved product id: 8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64		—

Threats

Impact Moderate

References

34 references

URL	Category
https://access.redhat.com/errata/RHSA-2022:6714	self
https://access.redhat.com/security/updates/classi…	external
https://docs.openshift.com/acs/3.72/release_notes…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2064857	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2022-24675	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://www.cve.org/CVERecord?id=CVE-2022-24675	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24675	external
https://groups.google.com/g/golang-announce/c/oec…	external
https://access.redhat.com/security/cve/CVE-2022-24921	self
https://bugzilla.redhat.com/show_bug.cgi?id=2064857	external
https://www.cve.org/CVERecord?id=CVE-2022-24921	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24921	external
https://groups.google.com/g/golang-announce/c/RP1…	external
https://access.redhat.com/security/cve/CVE-2022-28327	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://www.cve.org/CVERecord?id=CVE-2022-28327	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28327	external
https://access.redhat.com/security/cve/CVE-2022-29526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://www.cve.org/CVERecord?id=CVE-2022-29526	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29526	external
https://groups.google.com/g/golang-announce/c/Y5q…	external
https://access.redhat.com/security/cve/CVE-2022-30631	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://www.cve.org/CVERecord?id=CVE-2022-30631	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30631	external
https://go.dev/issue/53168	external
https://groups.google.com/g/golang-announce/c/nqr…	external

Acknowledgments

Joël Gähwiler

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes new features and bug fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Release of RHACS 3.72 provides these changes:\n\nNew features\n* Automatic removal of nonactive clusters from RHACS: RHACS provides the ability to configure your system to automatically remove nonactive clusters from RHACS so that you can monitor active clusters only. \n* Support for unauthenticated email integration: RHACS now supports unauthenticated SMTP for email integrations. This is insecure and not recommended.\n* Support for Quay robot accounts: RHACS now supports use of robot accounts in quay.io integrations. You can create robot accounts in Quay that allow you to share credentials for use in multiple repositories.\n* Ability to view Dockerfile lines in images that introduced components with Common Vulnerabilities and Exposures (CVEs): In the Images view, under Image Findings, you can view individual lines in the Dockerfile that introduced the components that have been identified as containing CVEs.\n* Network graph improvements: RHACS 3.72 includes some improvements to the Network Graph user interface.\n\nKnown issue\n* RHACS shows the wrong severity when two severities exist for a single vulnerability in a single distribution. This issue occurs because RHACS scopes severities by namespace rather than component. There is no workaround. It is anticipated that an upcoming release will include a fix for this issue. (ROX-12527)\n\nBug fixes\n* Before this update, the steps to configure OpenShift Container Platform OAuth for more than one URI were missing. The documentation has been revised to include instructions for configuring OAuth in OpenShift Container Platform to use more than one URI. For more information, see Creating additional routes for the OpenShift Container Platform OAuth server. (ROX-11296)\n* Before this update, the autogenerated image integration, such as a Docker registry integration, for a cluster is not deleted when the cluster is removed from Central. This issue is fixed. (ROX-9398)\n* Before this update, the Image OS policy criteria did not support regular expressions, or regex. However, the documentation indicated that regular expressions were supported. This issue is fixed by adding support for regular expressions for the Image OS policy criteria. (ROX-12301)\n* Before this update, the syslog integration did not respect a configured TCP proxy. This is now fixed.\n* Before this update, the scanner-db pod failed to start when a resource quota was set for the stackrox namespace, because the init-db container in the pod did not have any resources assigned to it. The init-db container for ScannerDB now specifies resource requests and limits that match the db container. (ROX-12291)\n\nNotable technical changes\n* Scanning support for Red Hat Enterprise Linux 9: RHEL 9 is now generally available (GA). RHACS 3.72 introduces support for analyzing images built with Red Hat Universal Base Image (UBI) 9 and Red Hat Enterprise Linux (RHEL) 9 RPMs for vulnerabilities.\n* Policy for CVEs with fixable CVSS of 6 or greater disabled by default: Beginning with this release, the Fixable CVSS \u003e= 6 and Privileged policy is no longer enabled by default for new RHACS installations. The configuration of this policy is not changed when upgrading an existing system. A new policy Privileged Containers with Important and Critical Fixable CVEs, which gives an alert for containers running in privileged mode that have important or critical fixable vulnerabilities, has been added.\n\nSecurity Fix(es)\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:6714",
        "url": "https://access.redhat.com/errata/RHSA-2022:6714"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://docs.openshift.com/acs/3.72/release_notes/372-release-notes.html",
        "url": "https://docs.openshift.com/acs/3.72/release_notes/372-release-notes.html"
      },
      {
        "category": "external",
        "summary": "2064857",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
      },
      {
        "category": "external",
        "summary": "2077688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
      },
      {
        "category": "external",
        "summary": "2077689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
      },
      {
        "category": "external",
        "summary": "2084085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
      },
      {
        "category": "external",
        "summary": "2107342",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6714.json"
      }
    ],
    "title": "Red Hat Security Advisory: RHACS 3.72 enhancement and security update",
    "tracking": {
      "current_release_date": "2026-06-07T01:01:16+00:00",
      "generator": {
        "date": "2026-06-07T01:01:16+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2022:6714",
      "initial_release_date": "2022-09-26T15:26:11+00:00",
      "revision_history": [
        {
          "date": "2022-09-26T15:26:11+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-09-26T15:26:11+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-07T01:01:16+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHACS 3.72 for RHEL 8",
                "product": {
                  "name": "RHACS 3.72 for RHEL 8",
                  "product_id": "8Base-RHACS-3.72",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:advanced_cluster_security:3.72::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Cluster Security for Kubernetes"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.72.0-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
                  "product_id": "advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-docs-rhel8\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.72.0-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.72.0-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.72.0-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.72.0-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64 as a component of RHACS 3.72 for RHEL 8",
          "product_id": "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64",
        "relates_to_product_reference": "8Base-RHACS-3.72"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-24675",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/pem: fix stack overflow in Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
        ],
        "known_not_affected": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-09-26T15:26:11+00:00",
          "details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 3.72 you are advised to upgrade to RHACS 3.72.0.",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6714"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/pem: fix stack overflow in Decode"
    },
    {
      "cve": "CVE-2022-24921",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-03-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2064857"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow flaw was found in Golang\u0027s regexp module, which can crash the runtime if the application using regexp accepts very long or arbitrarily long regexps from untrusted sources that have sufficient nesting depths. To exploit this vulnerability, an attacker would need to send large regexps with deep nesting to the application. Triggering this flaw leads to a crash of the runtime, which causes a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: regexp: stack exhaustion via a deeply nested expression",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has been rated as a Moderate impact flaw because the exploitation of this flaw requires that an affected application accept arbitrarily long regexps from untrusted sources, which has inherent risks (even without this flaw), especially involving impacts to application availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
        ],
        "known_not_affected": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "RHBZ#2064857",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064857"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24921",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24921"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk",
          "url": "https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk"
        }
      ],
      "release_date": "2022-03-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-09-26T15:26:11+00:00",
          "details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 3.72 you are advised to upgrade to RHACS 3.72.0.",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6714"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: regexp: stack exhaustion via a deeply nested expression"
    },
    {
      "cve": "CVE-2022-28327",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077689"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: panic caused by oversized scalar",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
        ],
        "known_not_affected": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077689",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-09-26T15:26:11+00:00",
          "details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 3.72 you are advised to upgrade to RHACS 3.72.0.",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6714"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: panic caused by oversized scalar"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jo\u00ebl G\u00e4hwiler"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-29526",
      "cwe": {
        "id": "CWE-358",
        "name": "Improperly Implemented Security Check for Standard"
      },
      "discovery_date": "2022-05-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2084085"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file\u0027s group, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: faccessat checks wrong group",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
        ],
        "known_not_affected": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2084085",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        }
      ],
      "release_date": "2022-05-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-09-26T15:26:11+00:00",
          "details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 3.72 you are advised to upgrade to RHACS 3.72.0.",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6714"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: faccessat checks wrong group"
    },
    {
      "cve": "CVE-2022-30631",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107342"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: compress/gzip: stack exhaustion in Reader.Read",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit CVE-2022-30631, an attacker supplies a specially crafted gzip archive to a Go application that uses a vulnerable version of the compress/gzip package without adequate input validation. This can lead to uncontrolled recursion, resulting in stack exhaustion and causing the application to panic, thereby affecting its availability.\n\nAs this is merely a DoS and there is no known way to control the instruction pointer, RH ProdSec has set the impact of this vulnerabilty to \"Moderate\".",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
        ],
        "known_not_affected": [
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
          "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107342",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30631",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53168",
          "url": "https://go.dev/issue/53168"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-09-26T15:26:11+00:00",
          "details": "To take advantage of the new features, bug fixes, and enhancements in RHACS 3.72 you are advised to upgrade to RHACS 3.72.0.",
          "product_ids": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:6714"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-rhel8@sha256:2083d2a25f1954186a0b06ddde11215b1f21ac819f2fadb5278f2c62aad5324d_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:abeaab1e57851f3883af18464d85e776c83778a79bdd39e97d67fc05a0bbe87b_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-docs-rhel8@sha256:a17be9f88785c32bb6ab598072bae369f392b80037500947af5cd3f174daafe4_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-main-rhel8@sha256:142aeebfd057b8bf0bcc949190887a2fbc5bf160aa38e7ed70baaccf4f1438c3_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-operator-bundle@sha256:9ec13da5353f1031edc8b84ee17f00fd42c59253b2f402eec0dc5744fac1cbf5_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-rhel8-operator@sha256:12012f57ce5f5a3198288b21761b046a0090335d36eb5a6425ab547b04a82790_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:aa63f1ec9768107ef8ee6ca951589d3aba4abd0b6ebac17fd730360f06b25f36_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1e1598484dbf95e45e2b6798dc82d5d0f78a82fff0025d61736c7fdc014e915e_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8ddb34c4d25fce6e6686a51a3f8482152a48e9f9154a3142983bcdfde66e9a85_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-rhel8@sha256:39076f8d7502262d78176bda06dfa5ed69bd43a42a5cdd431434bad30dd844ba_amd64",
            "8Base-RHACS-3.72:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:dd738be01a9a078d457e76cf54e2e88d112db971542a168cd4b016190cdf00e1_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: compress/gzip: stack exhaustion in Reader.Read"
    }
  ]
}

RHSA-2023:0408

Vulnerability from csaf_redhat - Published: 2023-01-25 11:11 - Updated: 2026-06-07 01:01

Summary

Red Hat Security Advisory: OpenShift Virtualization 4.12.0 Images security update

Severity

Important

Notes

Topic: Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.12.0 images: Security Fix(es): * golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) * kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798) * golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561) * golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) * golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705) * golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962) * golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772) * golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773) * golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806) * golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630) * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632) * golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633) * golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635) * golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148) * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. RHEL-8-CNV-4.12 ============== bridge-marker-container-v4.12.0-24 cluster-network-addons-operator-container-v4.12.0-24 cnv-containernetworking-plugins-container-v4.12.0-24 cnv-must-gather-container-v4.12.0-58 hco-bundle-registry-container-v4.12.0-769 hostpath-csi-driver-container-v4.12.0-30 hostpath-provisioner-container-v4.12.0-30 hostpath-provisioner-operator-container-v4.12.0-31 hyperconverged-cluster-operator-container-v4.12.0-96 hyperconverged-cluster-webhook-container-v4.12.0-96 kubemacpool-container-v4.12.0-24 kubevirt-console-plugin-container-v4.12.0-182 kubevirt-ssp-operator-container-v4.12.0-64 kubevirt-tekton-tasks-cleanup-vm-container-v4.12.0-55 kubevirt-tekton-tasks-copy-template-container-v4.12.0-55 kubevirt-tekton-tasks-create-datavolume-container-v4.12.0-55 kubevirt-tekton-tasks-create-vm-from-template-container-v4.12.0-55 kubevirt-tekton-tasks-disk-virt-customize-container-v4.12.0-55 kubevirt-tekton-tasks-disk-virt-sysprep-container-v4.12.0-55 kubevirt-tekton-tasks-modify-vm-template-container-v4.12.0-55 kubevirt-tekton-tasks-operator-container-v4.12.0-40 kubevirt-tekton-tasks-wait-for-vmi-status-container-v4.12.0-55 kubevirt-template-validator-container-v4.12.0-32 libguestfs-tools-container-v4.12.0-255 ovs-cni-marker-container-v4.12.0-24 ovs-cni-plugin-container-v4.12.0-24 virt-api-container-v4.12.0-255 virt-artifacts-server-container-v4.12.0-255 virt-cdi-apiserver-container-v4.12.0-72 virt-cdi-cloner-container-v4.12.0-72 virt-cdi-controller-container-v4.12.0-72 virt-cdi-importer-container-v4.12.0-72 virt-cdi-operator-container-v4.12.0-72 virt-cdi-uploadproxy-container-v4.12.0-71 virt-cdi-uploadserver-container-v4.12.0-72 virt-controller-container-v4.12.0-255 virt-exportproxy-container-v4.12.0-255 virt-exportserver-container-v4.12.0-255 virt-handler-container-v4.12.0-255 virt-launcher-container-v4.12.0-255 virt-operator-container-v4.12.0-255 virtio-win-container-v4.12.0-10 vm-network-latency-checkup-container-v4.12.0-89

CVE-2021-38561

A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

Affected products

Fixed 8 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix

Known not affected 35 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2021-44716

There's an uncontrolled resource consumption flaw in golang's net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http's http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix Workaround

Known not affected 37 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64	—	Workaround

Threats

Impact Moderate

CVE-2021-44717

There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix Workaround

Known not affected 37 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64	—	Workaround
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64	—	Workaround

Threats

Impact Moderate

CVE-2022-1705

A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-1798

An arbitrary file read vulnerability was found in the kubeVirt API. This flaw makes it possible to use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix

Known not affected 37 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Important

CVE-2022-1962

A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-23772

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 5 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix

Known not affected 38 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-23773

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-266 - Incorrect Privilege Assignment

Affected products

Fixed 5 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix

Known not affected 38 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-23806

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CWE-252 - Unchecked Return Value

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64	—	Vendor Fix fix

Known not affected 37 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-28131

A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-358 - Improperly Implemented Security Check for Standard

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-30629

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-331 - Insufficient Entropy

Affected products

Fixed 6 products

Product	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64	—	Vendor Fix fix

Known not affected 37 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Low

CVE-2022-30630

A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-30631

A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-30632

A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-30633

A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the "any" field tag, can cause a panic due to stack exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-30635

A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

CVE-2022-32148

A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64		—	Vendor Fix fix

Known not affected 42 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64		—
Unresolved product id: 8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64		—

Threats

Impact Moderate

References

339 references

URL	Category
https://access.redhat.com/errata/RHSA-2023:0408	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1719190	external
https://bugzilla.redhat.com/show_bug.cgi?id=2023393	external
https://bugzilla.redhat.com/show_bug.cgi?id=2030801	external
https://bugzilla.redhat.com/show_bug.cgi?id=2030806	external
https://bugzilla.redhat.com/show_bug.cgi?id=2040377	external
https://bugzilla.redhat.com/show_bug.cgi?id=2046298	external
https://bugzilla.redhat.com/show_bug.cgi?id=2052556	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053429	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053532	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053541	external
https://bugzilla.redhat.com/show_bug.cgi?id=2060499	external
https://bugzilla.redhat.com/show_bug.cgi?id=2069098	external
https://bugzilla.redhat.com/show_bug.cgi?id=2070366	external
https://bugzilla.redhat.com/show_bug.cgi?id=2071491	external
https://bugzilla.redhat.com/show_bug.cgi?id=2072797	external
https://bugzilla.redhat.com/show_bug.cgi?id=2072821	external
https://bugzilla.redhat.com/show_bug.cgi?id=2079916	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://bugzilla.redhat.com/show_bug.cgi?id=2086285	external
https://bugzilla.redhat.com/show_bug.cgi?id=2086551	external
https://bugzilla.redhat.com/show_bug.cgi?id=2087724	external
https://bugzilla.redhat.com/show_bug.cgi?id=2088129	external
https://bugzilla.redhat.com/show_bug.cgi?id=2088464	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089391	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089744	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089751	external
https://bugzilla.redhat.com/show_bug.cgi?id=2089804	external
https://bugzilla.redhat.com/show_bug.cgi?id=2091856	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092796	external
https://bugzilla.redhat.com/show_bug.cgi?id=2093771	external
https://bugzilla.redhat.com/show_bug.cgi?id=2093996	external
https://bugzilla.redhat.com/show_bug.cgi?id=2094202	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096285	external
https://bugzilla.redhat.com/show_bug.cgi?id=2096780	external
https://bugzilla.redhat.com/show_bug.cgi?id=2097436	external
https://bugzilla.redhat.com/show_bug.cgi?id=2097586	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099556	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099573	external
https://bugzilla.redhat.com/show_bug.cgi?id=2099923	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100290	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100436	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100442	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100495	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100629	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100679	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100682	external
https://bugzilla.redhat.com/show_bug.cgi?id=2100684	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101144	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101164	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101167	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101333	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101335	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101390	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101394	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101423	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101430	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101445	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101454	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101499	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101501	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101628	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101667	external
https://bugzilla.redhat.com/show_bug.cgi?id=2101681	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102074	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102125	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102132	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102138	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102256	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102448	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102475	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102561	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102737	external
https://bugzilla.redhat.com/show_bug.cgi?id=2102740	external
https://bugzilla.redhat.com/show_bug.cgi?id=2103806	external
https://bugzilla.redhat.com/show_bug.cgi?id=2103807	external
https://bugzilla.redhat.com/show_bug.cgi?id=2103817	external
https://bugzilla.redhat.com/show_bug.cgi?id=2103844	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104331	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104402	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104422	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104424	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104479	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104480	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104785	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104859	external
https://bugzilla.redhat.com/show_bug.cgi?id=2105257	external
https://bugzilla.redhat.com/show_bug.cgi?id=2106175	external
https://bugzilla.redhat.com/show_bug.cgi?id=2106963	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107279	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107371	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107374	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107376	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107383	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107386	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107388	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107390	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107392	external
https://bugzilla.redhat.com/show_bug.cgi?id=2108339	external
https://bugzilla.redhat.com/show_bug.cgi?id=2108638	external
https://bugzilla.redhat.com/show_bug.cgi?id=2109818	external
https://bugzilla.redhat.com/show_bug.cgi?id=2109975	external
https://bugzilla.redhat.com/show_bug.cgi?id=2110256	external
https://bugzilla.redhat.com/show_bug.cgi?id=2110562	external
https://bugzilla.redhat.com/show_bug.cgi?id=2111240	external
https://bugzilla.redhat.com/show_bug.cgi?id=2111292	external
https://bugzilla.redhat.com/show_bug.cgi?id=2111328	external
https://bugzilla.redhat.com/show_bug.cgi?id=2111378	external
https://bugzilla.redhat.com/show_bug.cgi?id=2111744	external
https://bugzilla.redhat.com/show_bug.cgi?id=2111794	external
https://bugzilla.redhat.com/show_bug.cgi?id=2112900	external
https://bugzilla.redhat.com/show_bug.cgi?id=2114516	external
https://bugzilla.redhat.com/show_bug.cgi?id=2114636	external
https://bugzilla.redhat.com/show_bug.cgi?id=2114683	external
https://bugzilla.redhat.com/show_bug.cgi?id=2115257	external
https://bugzilla.redhat.com/show_bug.cgi?id=2115258	external
https://bugzilla.redhat.com/show_bug.cgi?id=2115280	external
https://bugzilla.redhat.com/show_bug.cgi?id=2115769	external
https://bugzilla.redhat.com/show_bug.cgi?id=2116225	external
https://bugzilla.redhat.com/show_bug.cgi?id=2116644	external
https://bugzilla.redhat.com/show_bug.cgi?id=2117549	external
https://bugzilla.redhat.com/show_bug.cgi?id=2117803	external
https://bugzilla.redhat.com/show_bug.cgi?id=2117813	external
https://bugzilla.redhat.com/show_bug.cgi?id=2117872	external
https://bugzilla.redhat.com/show_bug.cgi?id=2118257	external
https://bugzilla.redhat.com/show_bug.cgi?id=2118823	external
https://bugzilla.redhat.com/show_bug.cgi?id=2119069	external
https://bugzilla.redhat.com/show_bug.cgi?id=2119128	external
https://bugzilla.redhat.com/show_bug.cgi?id=2119309	external
https://bugzilla.redhat.com/show_bug.cgi?id=2119615	external
https://bugzilla.redhat.com/show_bug.cgi?id=2120907	external
https://bugzilla.redhat.com/show_bug.cgi?id=2121320	external
https://bugzilla.redhat.com/show_bug.cgi?id=2122236	external
https://bugzilla.redhat.com/show_bug.cgi?id=2122990	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124147	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124307	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124528	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124555	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124557	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124558	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124565	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124572	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124582	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124594	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124597	external
https://bugzilla.redhat.com/show_bug.cgi?id=2126104	external
https://bugzilla.redhat.com/show_bug.cgi?id=2126397	external
https://bugzilla.redhat.com/show_bug.cgi?id=2127787	external
https://bugzilla.redhat.com/show_bug.cgi?id=2127843	external
https://bugzilla.redhat.com/show_bug.cgi?id=2127931	external
https://bugzilla.redhat.com/show_bug.cgi?id=2127947	external
https://bugzilla.redhat.com/show_bug.cgi?id=2128002	external
https://bugzilla.redhat.com/show_bug.cgi?id=2128107	external
https://bugzilla.redhat.com/show_bug.cgi?id=2128872	external
https://bugzilla.redhat.com/show_bug.cgi?id=2128948	external
https://bugzilla.redhat.com/show_bug.cgi?id=2128949	external
https://bugzilla.redhat.com/show_bug.cgi?id=2128997	external
https://bugzilla.redhat.com/show_bug.cgi?id=2129013	external
https://bugzilla.redhat.com/show_bug.cgi?id=2129234	external
https://bugzilla.redhat.com/show_bug.cgi?id=2129301	external
https://bugzilla.redhat.com/show_bug.cgi?id=2129870	external
https://bugzilla.redhat.com/show_bug.cgi?id=2130509	external
https://bugzilla.redhat.com/show_bug.cgi?id=2130588	external
https://bugzilla.redhat.com/show_bug.cgi?id=2130695	external
https://bugzilla.redhat.com/show_bug.cgi?id=2130909	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131157	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131165	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131674	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132031	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132682	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132721	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132744	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132746	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132783	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132793	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132932	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133540	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133541	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133542	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133543	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133655	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133656	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133659	external
https://bugzilla.redhat.com/show_bug.cgi?id=2133660	external
https://bugzilla.redhat.com/show_bug.cgi?id=2134123	external
https://bugzilla.redhat.com/show_bug.cgi?id=2134672	external
https://bugzilla.redhat.com/show_bug.cgi?id=2134825	external
https://bugzilla.redhat.com/show_bug.cgi?id=2135805	external
https://bugzilla.redhat.com/show_bug.cgi?id=2136051	external
https://bugzilla.redhat.com/show_bug.cgi?id=2136425	external
https://bugzilla.redhat.com/show_bug.cgi?id=2136534	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137123	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137241	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137243	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137349	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137591	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137731	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137733	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137736	external
https://bugzilla.redhat.com/show_bug.cgi?id=2137896	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138112	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138119	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138199	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138653	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138657	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138664	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139257	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139260	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139293	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139296	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139299	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139306	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139479	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139574	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139651	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139687	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139738	external
https://bugzilla.redhat.com/show_bug.cgi?id=2139820	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140117	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140521	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140534	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140627	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140730	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140808	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140977	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140982	external
https://bugzilla.redhat.com/show_bug.cgi?id=2140998	external
https://bugzilla.redhat.com/show_bug.cgi?id=2141089	external
https://bugzilla.redhat.com/show_bug.cgi?id=2141302	external
https://bugzilla.redhat.com/show_bug.cgi?id=2141399	external
https://bugzilla.redhat.com/show_bug.cgi?id=2141494	external
https://bugzilla.redhat.com/show_bug.cgi?id=2141654	external
https://bugzilla.redhat.com/show_bug.cgi?id=2141711	external
https://bugzilla.redhat.com/show_bug.cgi?id=2142468	external
https://bugzilla.redhat.com/show_bug.cgi?id=2142470	external
https://bugzilla.redhat.com/show_bug.cgi?id=2142511	external
https://bugzilla.redhat.com/show_bug.cgi?id=2142647	external
https://bugzilla.redhat.com/show_bug.cgi?id=2142891	external
https://bugzilla.redhat.com/show_bug.cgi?id=2142929	external
https://bugzilla.redhat.com/show_bug.cgi?id=2143268	external
https://bugzilla.redhat.com/show_bug.cgi?id=2143498	external
https://bugzilla.redhat.com/show_bug.cgi?id=2143964	external
https://bugzilla.redhat.com/show_bug.cgi?id=2144580	external
https://bugzilla.redhat.com/show_bug.cgi?id=2144828	external
https://bugzilla.redhat.com/show_bug.cgi?id=2144839	external
https://bugzilla.redhat.com/show_bug.cgi?id=2153849	external
https://bugzilla.redhat.com/show_bug.cgi?id=2155757	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2021-38561	self
https://bugzilla.redhat.com/show_bug.cgi?id=2100495	external
https://www.cve.org/CVERecord?id=CVE-2021-38561	external
https://nvd.nist.gov/vuln/detail/CVE-2021-38561	external
https://pkg.go.dev/vuln/GO-2021-0113	external
https://access.redhat.com/security/cve/CVE-2021-44716	self
https://bugzilla.redhat.com/show_bug.cgi?id=2030801	external
https://www.cve.org/CVERecord?id=CVE-2021-44716	external
https://nvd.nist.gov/vuln/detail/CVE-2021-44716	external
https://groups.google.com/g/golang-announce/c/hcm…	external
https://access.redhat.com/security/cve/CVE-2021-44717	self
https://bugzilla.redhat.com/show_bug.cgi?id=2030806	external
https://www.cve.org/CVERecord?id=CVE-2021-44717	external
https://nvd.nist.gov/vuln/detail/CVE-2021-44717	external
https://access.redhat.com/security/cve/CVE-2022-1705	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107374	external
https://www.cve.org/CVERecord?id=CVE-2022-1705	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1705	external
https://go.dev/issue/53188	external
https://groups.google.com/g/golang-announce/c/nqr…	external
https://access.redhat.com/security/cve/CVE-2022-1798	self
https://bugzilla.redhat.com/show_bug.cgi?id=2117872	external
https://www.cve.org/CVERecord?id=CVE-2022-1798	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1798	external
https://github.com/google/security-research/secur…	external
https://access.redhat.com/security/cve/CVE-2022-1962	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107376	external
https://www.cve.org/CVERecord?id=CVE-2022-1962	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1962	external
https://go.dev/issue/53616	external
https://access.redhat.com/security/cve/CVE-2022-23772	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053532	external
https://www.cve.org/CVERecord?id=CVE-2022-23772	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23772	external
https://groups.google.com/g/golang-announce/c/SUs…	external
https://access.redhat.com/security/cve/CVE-2022-23773	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053541	external
https://www.cve.org/CVERecord?id=CVE-2022-23773	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23773	external
https://access.redhat.com/security/cve/CVE-2022-23806	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053429	external
https://www.cve.org/CVERecord?id=CVE-2022-23806	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23806	external
https://access.redhat.com/security/cve/CVE-2022-28131	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107390	external
https://www.cve.org/CVERecord?id=CVE-2022-28131	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28131	external
https://go.dev/issue/53614	external
https://access.redhat.com/security/cve/CVE-2022-29526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://www.cve.org/CVERecord?id=CVE-2022-29526	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29526	external
https://groups.google.com/g/golang-announce/c/Y5q…	external
https://access.redhat.com/security/cve/CVE-2022-30629	self
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://www.cve.org/CVERecord?id=CVE-2022-30629	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30629	external
https://groups.google.com/g/golang-announce/c/TzI…	external
https://access.redhat.com/security/cve/CVE-2022-30630	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107371	external
https://www.cve.org/CVERecord?id=CVE-2022-30630	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30630	external
https://go.dev/issue/53415	external
https://access.redhat.com/security/cve/CVE-2022-30631	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://www.cve.org/CVERecord?id=CVE-2022-30631	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30631	external
https://go.dev/issue/53168	external
https://access.redhat.com/security/cve/CVE-2022-30632	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107386	external
https://www.cve.org/CVERecord?id=CVE-2022-30632	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30632	external
https://go.dev/issue/53416	external
https://access.redhat.com/security/cve/CVE-2022-30633	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107392	external
https://www.cve.org/CVERecord?id=CVE-2022-30633	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30633	external
https://go.dev/issue/53611	external
https://access.redhat.com/security/cve/CVE-2022-30635	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107388	external
https://www.cve.org/CVERecord?id=CVE-2022-30635	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30635	external
https://go.dev/issue/53615	external
https://access.redhat.com/security/cve/CVE-2022-32148	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107383	external
https://www.cve.org/CVERecord?id=CVE-2022-32148	external
https://nvd.nist.gov/vuln/detail/CVE-2022-32148	external
https://go.dev/issue/53423	external

Acknowledgments

NCC Group Oliver Brooks and James Klopchic

Joël Gähwiler

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.12.0 images:\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798)\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561)\n\n* golang: syscall: don\u0027t close fd 0 on ForkExec error (CVE-2021-44717)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)\n\n* golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nRHEL-8-CNV-4.12\n\n==============\n\nbridge-marker-container-v4.12.0-24\ncluster-network-addons-operator-container-v4.12.0-24\ncnv-containernetworking-plugins-container-v4.12.0-24\ncnv-must-gather-container-v4.12.0-58\nhco-bundle-registry-container-v4.12.0-769\nhostpath-csi-driver-container-v4.12.0-30\nhostpath-provisioner-container-v4.12.0-30\nhostpath-provisioner-operator-container-v4.12.0-31\nhyperconverged-cluster-operator-container-v4.12.0-96\nhyperconverged-cluster-webhook-container-v4.12.0-96\nkubemacpool-container-v4.12.0-24\nkubevirt-console-plugin-container-v4.12.0-182\nkubevirt-ssp-operator-container-v4.12.0-64\nkubevirt-tekton-tasks-cleanup-vm-container-v4.12.0-55\nkubevirt-tekton-tasks-copy-template-container-v4.12.0-55\nkubevirt-tekton-tasks-create-datavolume-container-v4.12.0-55\nkubevirt-tekton-tasks-create-vm-from-template-container-v4.12.0-55\nkubevirt-tekton-tasks-disk-virt-customize-container-v4.12.0-55\nkubevirt-tekton-tasks-disk-virt-sysprep-container-v4.12.0-55\nkubevirt-tekton-tasks-modify-vm-template-container-v4.12.0-55\nkubevirt-tekton-tasks-operator-container-v4.12.0-40\nkubevirt-tekton-tasks-wait-for-vmi-status-container-v4.12.0-55\nkubevirt-template-validator-container-v4.12.0-32\nlibguestfs-tools-container-v4.12.0-255\novs-cni-marker-container-v4.12.0-24\novs-cni-plugin-container-v4.12.0-24\nvirt-api-container-v4.12.0-255\nvirt-artifacts-server-container-v4.12.0-255\nvirt-cdi-apiserver-container-v4.12.0-72\nvirt-cdi-cloner-container-v4.12.0-72\nvirt-cdi-controller-container-v4.12.0-72\nvirt-cdi-importer-container-v4.12.0-72\nvirt-cdi-operator-container-v4.12.0-72\nvirt-cdi-uploadproxy-container-v4.12.0-71\nvirt-cdi-uploadserver-container-v4.12.0-72\nvirt-controller-container-v4.12.0-255\nvirt-exportproxy-container-v4.12.0-255\nvirt-exportserver-container-v4.12.0-255\nvirt-handler-container-v4.12.0-255\nvirt-launcher-container-v4.12.0-255\nvirt-operator-container-v4.12.0-255\nvirtio-win-container-v4.12.0-10\nvm-network-latency-checkup-container-v4.12.0-89",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:0408",
        "url": "https://access.redhat.com/errata/RHSA-2023:0408"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1719190",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719190"
      },
      {
        "category": "external",
        "summary": "2023393",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2023393"
      },
      {
        "category": "external",
        "summary": "2030801",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
      },
      {
        "category": "external",
        "summary": "2030806",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
      },
      {
        "category": "external",
        "summary": "2040377",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040377"
      },
      {
        "category": "external",
        "summary": "2046298",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046298"
      },
      {
        "category": "external",
        "summary": "2052556",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2052556"
      },
      {
        "category": "external",
        "summary": "2053429",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
      },
      {
        "category": "external",
        "summary": "2053532",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
      },
      {
        "category": "external",
        "summary": "2053541",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
      },
      {
        "category": "external",
        "summary": "2060499",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2060499"
      },
      {
        "category": "external",
        "summary": "2069098",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069098"
      },
      {
        "category": "external",
        "summary": "2070366",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070366"
      },
      {
        "category": "external",
        "summary": "2071491",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2071491"
      },
      {
        "category": "external",
        "summary": "2072797",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072797"
      },
      {
        "category": "external",
        "summary": "2072821",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072821"
      },
      {
        "category": "external",
        "summary": "2079916",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2079916"
      },
      {
        "category": "external",
        "summary": "2084085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
      },
      {
        "category": "external",
        "summary": "2086285",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086285"
      },
      {
        "category": "external",
        "summary": "2086551",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2086551"
      },
      {
        "category": "external",
        "summary": "2087724",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087724"
      },
      {
        "category": "external",
        "summary": "2088129",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088129"
      },
      {
        "category": "external",
        "summary": "2088464",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2088464"
      },
      {
        "category": "external",
        "summary": "2089391",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089391"
      },
      {
        "category": "external",
        "summary": "2089744",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089744"
      },
      {
        "category": "external",
        "summary": "2089751",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089751"
      },
      {
        "category": "external",
        "summary": "2089804",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2089804"
      },
      {
        "category": "external",
        "summary": "2091856",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091856"
      },
      {
        "category": "external",
        "summary": "2092793",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
      },
      {
        "category": "external",
        "summary": "2092796",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092796"
      },
      {
        "category": "external",
        "summary": "2093771",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093771"
      },
      {
        "category": "external",
        "summary": "2093996",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2093996"
      },
      {
        "category": "external",
        "summary": "2094202",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094202"
      },
      {
        "category": "external",
        "summary": "2096285",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096285"
      },
      {
        "category": "external",
        "summary": "2096780",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2096780"
      },
      {
        "category": "external",
        "summary": "2097436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097436"
      },
      {
        "category": "external",
        "summary": "2097586",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097586"
      },
      {
        "category": "external",
        "summary": "2099556",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099556"
      },
      {
        "category": "external",
        "summary": "2099573",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099573"
      },
      {
        "category": "external",
        "summary": "2099923",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2099923"
      },
      {
        "category": "external",
        "summary": "2100290",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100290"
      },
      {
        "category": "external",
        "summary": "2100436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100436"
      },
      {
        "category": "external",
        "summary": "2100442",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100442"
      },
      {
        "category": "external",
        "summary": "2100495",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100495"
      },
      {
        "category": "external",
        "summary": "2100629",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100629"
      },
      {
        "category": "external",
        "summary": "2100679",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100679"
      },
      {
        "category": "external",
        "summary": "2100682",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100682"
      },
      {
        "category": "external",
        "summary": "2100684",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100684"
      },
      {
        "category": "external",
        "summary": "2101144",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101144"
      },
      {
        "category": "external",
        "summary": "2101164",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101164"
      },
      {
        "category": "external",
        "summary": "2101167",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101167"
      },
      {
        "category": "external",
        "summary": "2101333",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101333"
      },
      {
        "category": "external",
        "summary": "2101335",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101335"
      },
      {
        "category": "external",
        "summary": "2101390",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101390"
      },
      {
        "category": "external",
        "summary": "2101394",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101394"
      },
      {
        "category": "external",
        "summary": "2101423",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101423"
      },
      {
        "category": "external",
        "summary": "2101430",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101430"
      },
      {
        "category": "external",
        "summary": "2101445",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101445"
      },
      {
        "category": "external",
        "summary": "2101454",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101454"
      },
      {
        "category": "external",
        "summary": "2101499",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101499"
      },
      {
        "category": "external",
        "summary": "2101501",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101501"
      },
      {
        "category": "external",
        "summary": "2101628",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101628"
      },
      {
        "category": "external",
        "summary": "2101667",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101667"
      },
      {
        "category": "external",
        "summary": "2101681",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101681"
      },
      {
        "category": "external",
        "summary": "2102074",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102074"
      },
      {
        "category": "external",
        "summary": "2102125",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102125"
      },
      {
        "category": "external",
        "summary": "2102132",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102132"
      },
      {
        "category": "external",
        "summary": "2102138",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102138"
      },
      {
        "category": "external",
        "summary": "2102256",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102256"
      },
      {
        "category": "external",
        "summary": "2102448",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102448"
      },
      {
        "category": "external",
        "summary": "2102475",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102475"
      },
      {
        "category": "external",
        "summary": "2102561",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102561"
      },
      {
        "category": "external",
        "summary": "2102737",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102737"
      },
      {
        "category": "external",
        "summary": "2102740",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2102740"
      },
      {
        "category": "external",
        "summary": "2103806",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103806"
      },
      {
        "category": "external",
        "summary": "2103807",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103807"
      },
      {
        "category": "external",
        "summary": "2103817",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103817"
      },
      {
        "category": "external",
        "summary": "2103844",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2103844"
      },
      {
        "category": "external",
        "summary": "2104331",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104331"
      },
      {
        "category": "external",
        "summary": "2104402",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104402"
      },
      {
        "category": "external",
        "summary": "2104422",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104422"
      },
      {
        "category": "external",
        "summary": "2104424",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104424"
      },
      {
        "category": "external",
        "summary": "2104479",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104479"
      },
      {
        "category": "external",
        "summary": "2104480",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104480"
      },
      {
        "category": "external",
        "summary": "2104785",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104785"
      },
      {
        "category": "external",
        "summary": "2104859",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104859"
      },
      {
        "category": "external",
        "summary": "2105257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105257"
      },
      {
        "category": "external",
        "summary": "2106175",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106175"
      },
      {
        "category": "external",
        "summary": "2106963",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106963"
      },
      {
        "category": "external",
        "summary": "2107279",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107279"
      },
      {
        "category": "external",
        "summary": "2107342",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
      },
      {
        "category": "external",
        "summary": "2107371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"
      },
      {
        "category": "external",
        "summary": "2107374",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
      },
      {
        "category": "external",
        "summary": "2107376",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376"
      },
      {
        "category": "external",
        "summary": "2107383",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383"
      },
      {
        "category": "external",
        "summary": "2107386",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
      },
      {
        "category": "external",
        "summary": "2107388",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
      },
      {
        "category": "external",
        "summary": "2107390",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390"
      },
      {
        "category": "external",
        "summary": "2107392",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392"
      },
      {
        "category": "external",
        "summary": "2108339",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108339"
      },
      {
        "category": "external",
        "summary": "2108638",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108638"
      },
      {
        "category": "external",
        "summary": "2109818",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2109818"
      },
      {
        "category": "external",
        "summary": "2109975",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2109975"
      },
      {
        "category": "external",
        "summary": "2110256",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2110256"
      },
      {
        "category": "external",
        "summary": "2110562",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2110562"
      },
      {
        "category": "external",
        "summary": "2111240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111240"
      },
      {
        "category": "external",
        "summary": "2111292",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111292"
      },
      {
        "category": "external",
        "summary": "2111328",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111328"
      },
      {
        "category": "external",
        "summary": "2111378",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111378"
      },
      {
        "category": "external",
        "summary": "2111744",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111744"
      },
      {
        "category": "external",
        "summary": "2111794",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2111794"
      },
      {
        "category": "external",
        "summary": "2112900",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112900"
      },
      {
        "category": "external",
        "summary": "2114516",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114516"
      },
      {
        "category": "external",
        "summary": "2114636",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114636"
      },
      {
        "category": "external",
        "summary": "2114683",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2114683"
      },
      {
        "category": "external",
        "summary": "2115257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115257"
      },
      {
        "category": "external",
        "summary": "2115258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115258"
      },
      {
        "category": "external",
        "summary": "2115280",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115280"
      },
      {
        "category": "external",
        "summary": "2115769",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2115769"
      },
      {
        "category": "external",
        "summary": "2116225",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116225"
      },
      {
        "category": "external",
        "summary": "2116644",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116644"
      },
      {
        "category": "external",
        "summary": "2117549",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117549"
      },
      {
        "category": "external",
        "summary": "2117803",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117803"
      },
      {
        "category": "external",
        "summary": "2117813",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117813"
      },
      {
        "category": "external",
        "summary": "2117872",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117872"
      },
      {
        "category": "external",
        "summary": "2118257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118257"
      },
      {
        "category": "external",
        "summary": "2118823",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118823"
      },
      {
        "category": "external",
        "summary": "2119069",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119069"
      },
      {
        "category": "external",
        "summary": "2119128",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119128"
      },
      {
        "category": "external",
        "summary": "2119309",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119309"
      },
      {
        "category": "external",
        "summary": "2119615",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2119615"
      },
      {
        "category": "external",
        "summary": "2120907",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120907"
      },
      {
        "category": "external",
        "summary": "2121320",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2121320"
      },
      {
        "category": "external",
        "summary": "2122236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122236"
      },
      {
        "category": "external",
        "summary": "2122990",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122990"
      },
      {
        "category": "external",
        "summary": "2124147",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124147"
      },
      {
        "category": "external",
        "summary": "2124307",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124307"
      },
      {
        "category": "external",
        "summary": "2124528",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124528"
      },
      {
        "category": "external",
        "summary": "2124555",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124555"
      },
      {
        "category": "external",
        "summary": "2124557",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124557"
      },
      {
        "category": "external",
        "summary": "2124558",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124558"
      },
      {
        "category": "external",
        "summary": "2124565",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124565"
      },
      {
        "category": "external",
        "summary": "2124572",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124572"
      },
      {
        "category": "external",
        "summary": "2124582",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124582"
      },
      {
        "category": "external",
        "summary": "2124594",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124594"
      },
      {
        "category": "external",
        "summary": "2124597",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124597"
      },
      {
        "category": "external",
        "summary": "2126104",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126104"
      },
      {
        "category": "external",
        "summary": "2126397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126397"
      },
      {
        "category": "external",
        "summary": "2127787",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127787"
      },
      {
        "category": "external",
        "summary": "2127843",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127843"
      },
      {
        "category": "external",
        "summary": "2127931",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127931"
      },
      {
        "category": "external",
        "summary": "2127947",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127947"
      },
      {
        "category": "external",
        "summary": "2128002",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128002"
      },
      {
        "category": "external",
        "summary": "2128107",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128107"
      },
      {
        "category": "external",
        "summary": "2128872",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128872"
      },
      {
        "category": "external",
        "summary": "2128948",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128948"
      },
      {
        "category": "external",
        "summary": "2128949",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128949"
      },
      {
        "category": "external",
        "summary": "2128997",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2128997"
      },
      {
        "category": "external",
        "summary": "2129013",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129013"
      },
      {
        "category": "external",
        "summary": "2129234",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129234"
      },
      {
        "category": "external",
        "summary": "2129301",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129301"
      },
      {
        "category": "external",
        "summary": "2129870",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129870"
      },
      {
        "category": "external",
        "summary": "2130509",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130509"
      },
      {
        "category": "external",
        "summary": "2130588",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130588"
      },
      {
        "category": "external",
        "summary": "2130695",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130695"
      },
      {
        "category": "external",
        "summary": "2130909",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130909"
      },
      {
        "category": "external",
        "summary": "2131157",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131157"
      },
      {
        "category": "external",
        "summary": "2131165",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131165"
      },
      {
        "category": "external",
        "summary": "2131674",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131674"
      },
      {
        "category": "external",
        "summary": "2132031",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132031"
      },
      {
        "category": "external",
        "summary": "2132682",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132682"
      },
      {
        "category": "external",
        "summary": "2132721",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132721"
      },
      {
        "category": "external",
        "summary": "2132744",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132744"
      },
      {
        "category": "external",
        "summary": "2132746",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132746"
      },
      {
        "category": "external",
        "summary": "2132783",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132783"
      },
      {
        "category": "external",
        "summary": "2132793",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132793"
      },
      {
        "category": "external",
        "summary": "2132932",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132932"
      },
      {
        "category": "external",
        "summary": "2133540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133540"
      },
      {
        "category": "external",
        "summary": "2133541",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133541"
      },
      {
        "category": "external",
        "summary": "2133542",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133542"
      },
      {
        "category": "external",
        "summary": "2133543",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133543"
      },
      {
        "category": "external",
        "summary": "2133655",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133655"
      },
      {
        "category": "external",
        "summary": "2133656",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133656"
      },
      {
        "category": "external",
        "summary": "2133659",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133659"
      },
      {
        "category": "external",
        "summary": "2133660",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133660"
      },
      {
        "category": "external",
        "summary": "2134123",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134123"
      },
      {
        "category": "external",
        "summary": "2134672",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134672"
      },
      {
        "category": "external",
        "summary": "2134825",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134825"
      },
      {
        "category": "external",
        "summary": "2135805",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135805"
      },
      {
        "category": "external",
        "summary": "2136051",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136051"
      },
      {
        "category": "external",
        "summary": "2136425",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136425"
      },
      {
        "category": "external",
        "summary": "2136534",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136534"
      },
      {
        "category": "external",
        "summary": "2137123",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137123"
      },
      {
        "category": "external",
        "summary": "2137241",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137241"
      },
      {
        "category": "external",
        "summary": "2137243",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137243"
      },
      {
        "category": "external",
        "summary": "2137349",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137349"
      },
      {
        "category": "external",
        "summary": "2137591",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137591"
      },
      {
        "category": "external",
        "summary": "2137731",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137731"
      },
      {
        "category": "external",
        "summary": "2137733",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137733"
      },
      {
        "category": "external",
        "summary": "2137736",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137736"
      },
      {
        "category": "external",
        "summary": "2137896",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137896"
      },
      {
        "category": "external",
        "summary": "2138112",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138112"
      },
      {
        "category": "external",
        "summary": "2138119",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138119"
      },
      {
        "category": "external",
        "summary": "2138199",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138199"
      },
      {
        "category": "external",
        "summary": "2138653",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138653"
      },
      {
        "category": "external",
        "summary": "2138657",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138657"
      },
      {
        "category": "external",
        "summary": "2138664",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138664"
      },
      {
        "category": "external",
        "summary": "2139257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139257"
      },
      {
        "category": "external",
        "summary": "2139260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139260"
      },
      {
        "category": "external",
        "summary": "2139293",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139293"
      },
      {
        "category": "external",
        "summary": "2139296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139296"
      },
      {
        "category": "external",
        "summary": "2139299",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139299"
      },
      {
        "category": "external",
        "summary": "2139306",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139306"
      },
      {
        "category": "external",
        "summary": "2139479",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139479"
      },
      {
        "category": "external",
        "summary": "2139574",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139574"
      },
      {
        "category": "external",
        "summary": "2139651",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139651"
      },
      {
        "category": "external",
        "summary": "2139687",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139687"
      },
      {
        "category": "external",
        "summary": "2139738",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139738"
      },
      {
        "category": "external",
        "summary": "2139820",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2139820"
      },
      {
        "category": "external",
        "summary": "2140117",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140117"
      },
      {
        "category": "external",
        "summary": "2140521",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140521"
      },
      {
        "category": "external",
        "summary": "2140534",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140534"
      },
      {
        "category": "external",
        "summary": "2140627",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140627"
      },
      {
        "category": "external",
        "summary": "2140730",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140730"
      },
      {
        "category": "external",
        "summary": "2140808",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140808"
      },
      {
        "category": "external",
        "summary": "2140977",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140977"
      },
      {
        "category": "external",
        "summary": "2140982",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140982"
      },
      {
        "category": "external",
        "summary": "2140998",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140998"
      },
      {
        "category": "external",
        "summary": "2141089",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141089"
      },
      {
        "category": "external",
        "summary": "2141302",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141302"
      },
      {
        "category": "external",
        "summary": "2141399",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141399"
      },
      {
        "category": "external",
        "summary": "2141494",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141494"
      },
      {
        "category": "external",
        "summary": "2141654",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141654"
      },
      {
        "category": "external",
        "summary": "2141711",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141711"
      },
      {
        "category": "external",
        "summary": "2142468",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142468"
      },
      {
        "category": "external",
        "summary": "2142470",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142470"
      },
      {
        "category": "external",
        "summary": "2142511",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142511"
      },
      {
        "category": "external",
        "summary": "2142647",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142647"
      },
      {
        "category": "external",
        "summary": "2142891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142891"
      },
      {
        "category": "external",
        "summary": "2142929",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142929"
      },
      {
        "category": "external",
        "summary": "2143268",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143268"
      },
      {
        "category": "external",
        "summary": "2143498",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143498"
      },
      {
        "category": "external",
        "summary": "2143964",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143964"
      },
      {
        "category": "external",
        "summary": "2144580",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144580"
      },
      {
        "category": "external",
        "summary": "2144828",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144828"
      },
      {
        "category": "external",
        "summary": "2144839",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144839"
      },
      {
        "category": "external",
        "summary": "2153849",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153849"
      },
      {
        "category": "external",
        "summary": "2155757",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155757"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0408.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Virtualization 4.12.0 Images security update",
    "tracking": {
      "current_release_date": "2026-06-07T01:01:21+00:00",
      "generator": {
        "date": "2026-06-07T01:01:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2023:0408",
      "initial_release_date": "2023-01-25T11:11:29+00:00",
      "revision_history": [
        {
          "date": "2023-01-25T11:11:29+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-01-25T11:11:29+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-07T01:01:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CNV 4.12 for RHEL 8",
                "product": {
                  "name": "CNV 4.12 for RHEL 8",
                  "product_id": "8Base-CNV-4.12",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:container_native_virtualization:4.12::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
                "product": {
                  "name": "container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
                  "product_id": "container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.12.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
                "product": {
                  "name": "container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
                  "product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.12.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
                  "product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.12.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
                  "product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.12.0-58"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
                "product": {
                  "name": "container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
                  "product_id": "container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.12.0-769"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
                  "product_id": "container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver\u0026tag=v4.12.0-30"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.12.0-30"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.12.0-31"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.12.0-96"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.12.0-96"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
                "product": {
                  "name": "container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
                  "product_id": "container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.12.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
                  "product_id": "container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-console-plugin\u0026tag=v4.12.0-182"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
                  "product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.12.0-64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-copy-template\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-datavolume\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-operator\u0026tag=v4.12.0-40"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
                  "product_id": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status\u0026tag=v4.12.0-55"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
                  "product_id": "container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.12.0-32"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
                "product": {
                  "name": "container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
                  "product_id": "container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.12.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.12.0-24"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
                  "product_id": "container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
                  "product_id": "container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.12.0-72"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.12.0-72"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.12.0-72"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.12.0-72"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.12.0-72"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.12.0-71"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.12.0-72"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
                  "product_id": "container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
                  "product_id": "container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportproxy\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
                  "product_id": "container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-exportserver\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
                  "product_id": "container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
                "product": {
                  "name": "container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
                  "product_id": "container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.12.0-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
                  "product_id": "container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
                  "product_id": "container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.12.0-255"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64",
                "product": {
                  "name": "container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64",
                  "product_id": "container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-network-latency-checkup\u0026tag=v4.12.0-89"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64"
        },
        "product_reference": "container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64"
        },
        "product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64"
        },
        "product_reference": "container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64"
        },
        "product_reference": "container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64"
        },
        "product_reference": "container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        },
        "product_reference": "container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64"
        },
        "product_reference": "container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64"
        },
        "product_reference": "container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64"
        },
        "product_reference": "container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64"
        },
        "product_reference": "container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64"
        },
        "product_reference": "container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64"
        },
        "product_reference": "container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        },
        "product_reference": "container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64"
        },
        "product_reference": "container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64 as a component of CNV 4.12 for RHEL 8",
          "product_id": "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        },
        "product_reference": "container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64",
        "relates_to_product_reference": "8Base-CNV-4.12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-38561",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2022-06-23T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2100495"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows an attacker to cause applications using this package to parse untrusted input data to crash, leading to a denial of service of the affected component.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: out-of-bounds read in golang.org/x/text/language leads to DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw may be triggered only by accepting untrusted user input to the vulnerable golang\u0027s library. The overall DoS attack vector depends directly on how the library\u0027s input is exposed by the consuming application, thus Red Hat rates impact as Moderate.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) 2.5 version, the registration-operator, lighthouse-coredns, lighthouse-agent, gatekeeper-operator, and discovery-operator components are affected by this flaw, but the rest of the components are using an already patched version and are unaffected. For 2.4 and previous versions of Red Hat Advanced Cluster Management for Kubernetes (RHACM), most of the components are affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-38561"
        },
        {
          "category": "external",
          "summary": "RHBZ#2100495",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2100495"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-38561",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-38561"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38561"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2021-0113",
          "url": "https://pkg.go.dev/vuln/GO-2021-0113"
        }
      ],
      "release_date": "2021-08-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: out-of-bounds read in golang.org/x/text/language leads to DoS"
    },
    {
      "cve": "CVE-2021-44716",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030801"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s an uncontrolled resource consumption flaw in golang\u0027s net/http library in the canonicalHeader() function. An attacker who submits specially crafted requests to applications linked with net/http\u0027s http2 functionality could cause excessive resource consumption that could lead to a denial of service or otherwise impact to system performance and resources.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: limit growth of header canonicalization cache",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For OpenShift Container Platform, OpenShift Virtualization, Red Hat Quay and OpenShift distributed tracing the most an attacker can possibly achieve by exploiting this vulnerability is to crash a container, temporarily impacting availability of one or more services. Therefore impact is rated Moderate.\n\nIn its default configuration, grafana as shipped in Red Hat Enterprise Linux 8 is not affected by this vulnerability. However, enabling http2 in /etc/grafana/grafana.ini explicitly would render grafana affected, therefore grafana has been marked affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030801",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030801"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44716",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44716"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
          "url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        },
        {
          "category": "workaround",
          "details": "This flaw can be mitigated by disabling HTTP/2. Setting the GODEBUG=http2server=0 environment variable before calling Serve will disable HTTP/2 unless it was manually configured through the golang.org/x/net/http2 package.",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: limit growth of header canonicalization cache"
    },
    {
      "cve": "CVE-2021-44717",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2030806"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "There\u0027s a flaw in golang\u0027s syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec().",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: don\u0027t close fd 0 on ForkExec error",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* This flaw has had the severity level set to Moderate due to the attack complexity required to exhaust file descriptors at the time ForkExec is called, plus an attacker does not necessarily have direct control over where/how data is leaked.\n\n* For Service Telemetry Framework, because the flaw\u0027s impact is lower, no update will be provided at this time for its containers.\n\n* runc shipped with Red Hat Enterprise Linux 8 and 9 are not affected by this flaw because the flaw is already patched in the shipped versions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "RHBZ#2030806",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2030806"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44717",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44717"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k",
          "url": "https://groups.google.com/g/golang-announce/c/hcmEScgc00k"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        },
        {
          "category": "workaround",
          "details": "This bug can be mitigated by raising the per-process file descriptor limit.",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: don\u0027t close fd 0 on ForkExec error"
    },
    {
      "cve": "CVE-2022-1705",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107374"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating \"chunked\" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: improper sanitization of Transfer-Encoding header",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107374",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1705",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53188",
          "url": "https://go.dev/issue/53188"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: improper sanitization of Transfer-Encoding header"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Oliver Brooks and James Klopchic"
          ],
          "organization": "NCC Group"
        }
      ],
      "cve": "CVE-2022-1798",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2022-08-12T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2117872"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An arbitrary file read vulnerability was found in the kubeVirt API. This flaw makes it possible to use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kubeVirt: Arbitrary file read on the host from KubeVirt VMs",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1798"
        },
        {
          "category": "external",
          "summary": "RHBZ#2117872",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117872"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1798",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1798"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1798",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1798"
        },
        {
          "category": "external",
          "summary": "https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm",
          "url": "https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm"
        }
      ],
      "release_date": "2022-08-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kubeVirt: Arbitrary file read on the host from KubeVirt VMs"
    },
    {
      "cve": "CVE-2022-1962",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107376"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang standard library, go/parser. When calling any Parse functions on the Go source code, which contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: go/parser: stack exhaustion in all Parse* functions",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1962"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107376",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1962",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1962"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53616",
          "url": "https://go.dev/issue/53616"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: go/parser: stack exhaustion in all Parse* functions"
    },
    {
      "cve": "CVE-2022-23772",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053532"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053532",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23772",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString"
    },
    {
      "cve": "CVE-2022-23773",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053541"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053541",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23773",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control"
    },
    {
      "cve": "CVE-2022-23806",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053429"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 8 and 9 are affected because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having a Moderate security impact. The issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7; hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16 \u0026 1.17), will not be addressed in future updates as shipped only in RHEL-7, hence, marked as Out-of-Support-Scope.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.\n\nThe vulnerability lies in the crypto/elliptic: IsOnCurve taking in negative and invalid forms of data input and resulting in a panic, the resulting invalid data input is also resulting in data sinks in other functions such as marshall that handle elliptic curve cryptography by converting points on an elliptic curve into a binary format for storage or transmission and scalarmult which provides scalar multiplication, all three function takes in invalid forms of data and results in a crash, although the main culprit being isoncurve function, considering the attack complexity being high as the data that reaches the vulnerable function could already be stripped of negative sign and the resultant successful exploitation only leading to a panic/crash the vulnerability has been rated as Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053429",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23806",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements"
    },
    {
      "cve": "CVE-2022-28131",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107390"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/xml: stack exhaustion in Decoder.Skip",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability exists in the calling of the function decoder.skip to a deeply nested XML document. Although the vulnerability exists, it may require that the application accept deeply nested XML from untrusted sources and specifically calls Decoder.Skip on it. In many deployments, that code path might not even be reachable or exposed to external input. On top of that, a successful exploitation will only result in denial of service due to stack exhaustion, which is why this has been marked as moderate by Red Hat.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107390",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28131",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28131",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53614",
          "url": "https://go.dev/issue/53614"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/xml: stack exhaustion in Decoder.Skip"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jo\u00ebl G\u00e4hwiler"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-29526",
      "cwe": {
        "id": "CWE-358",
        "name": "Improperly Implemented Security Check for Standard"
      },
      "discovery_date": "2022-05-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2084085"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file\u0027s group, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: faccessat checks wrong group",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2084085",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        }
      ],
      "release_date": "2022-05-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: faccessat checks wrong group"
    },
    {
      "cve": "CVE-2022-30629",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "discovery_date": "2022-06-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2092793"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: session tickets lack random ticket_age_add",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "RHBZ#2092793",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30629",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg",
          "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg"
        }
      ],
      "release_date": "2022-06-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: crypto/tls: session tickets lack random ticket_age_add"
    },
    {
      "cve": "CVE-2022-30630",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: io/fs: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "RH ProdSec has set the Impact of this vulnerability to Moderate as there is no known method to execute arbitary code. Successful exploitation of this bug can cause the application under attack to panic, merely causing a Denial of Service at the application level. As the kernel is unaffected by this bug, the user can merely relaunch the application to fix the problem. Also, if somehow the application keeps relaunching, the timer watchdogs in the default RHEL kernel will stop the attack in its tracks.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30630",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30630",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53415",
          "url": "https://go.dev/issue/53415"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: io/fs: stack exhaustion in Glob"
    },
    {
      "cve": "CVE-2022-30631",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107342"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: compress/gzip: stack exhaustion in Reader.Read",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit CVE-2022-30631, an attacker supplies a specially crafted gzip archive to a Go application that uses a vulnerable version of the compress/gzip package without adequate input validation. This can lead to uncontrolled recursion, resulting in stack exhaustion and causing the application to panic, thereby affecting its availability.\n\nAs this is merely a DoS and there is no known way to control the instruction pointer, RH ProdSec has set the impact of this vulnerabilty to \"Moderate\".",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107342",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30631",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53168",
          "url": "https://go.dev/issue/53168"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: compress/gzip: stack exhaustion in Reader.Read"
    },
    {
      "cve": "CVE-2022-30632",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107386"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: path/filepath: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The exploitation of this flaw will only result in a denial of service of the application via the application crashing which is why this has been rated as moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107386",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30632",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53416",
          "url": "https://go.dev/issue/53416"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: path/filepath: stack exhaustion in Glob"
    },
    {
      "cve": "CVE-2022-30633",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107392"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the \"any\" field tag, can cause a panic due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/xml: stack exhaustion in Unmarshal",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat has marked this as moderate impact for two primary reasons\n1. Though the vulnerability exists, it is hard to exploit in real scenarios (e.g., the attacker must be able to feed crafted XML documents into specific code paths).\n2. The vulnerability is a denial of service (DoS) due to stack exhaustion rather than code execution or data breach. Since it doesn\u2019t compromise confidentiality or integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107392",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30633",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30633",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53611",
          "url": "https://go.dev/issue/53611"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/xml: stack exhaustion in Unmarshal"
    },
    {
      "cve": "CVE-2022-30635",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107388"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/gob: stack exhaustion in Decoder.Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.The vulnerability has been rated as moderate instead of high because the vulnerability can only result in a minor denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107388",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53615",
          "url": "https://go.dev/issue/53615"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/gob: stack exhaustion in Decoder.Decode"
    },
    {
      "cve": "CVE-2022-32148",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107383"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
          "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
          "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
          "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
          "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
          "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
          "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
          "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107383",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32148",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32148",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53423",
          "url": "https://go.dev/issue/53423"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-01-25T11:11:29+00:00",
          "details": "Before applying this update, you must apply all previously released errata\nrelevant to your system.\n\nTo apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:0408"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.12:container-native-virtualization/bridge-marker@sha256:086a9922f34161e5b75d204a0c3281c941f81f76ef8784de434cc79acc76174c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cluster-network-addons-operator@sha256:d2c19fd4c2327eb84179acf652157982b29c365d8a526d70517c6dd93ea6ebc7_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-containernetworking-plugins@sha256:3d6003dea97e48d240668e55b2705f0251259006251abafaa3dc08fbc69f1312_amd64",
            "8Base-CNV-4.12:container-native-virtualization/cnv-must-gather-rhel8@sha256:dcb95d2b4958ce69f8fcf61c9c90e0516d7844db62f2297ebf1ef18e5d8c05b4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hco-bundle-registry@sha256:73680901c7733ba27f729fd6475971e0909c2fe9efacf74d556f961a1494274e_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-csi-driver@sha256:a0b75e357628ca6b2ca32ab3fdbf531fd8da438a7a6ae8988ef897d2c001d9cb_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:b9d84e63f789c70e31cf60fe06d41359363afc7bbd86a78ac7132f8dae4c467a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5239dcb229b060a818befd52a1e27b18142985abe0e39cef41eadd66f8b21ec1_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-operator@sha256:8b311b48437c79a6859a84f62cfd10ca8e6dcff4ce665a98ed78633552a172ca_amd64",
            "8Base-CNV-4.12:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:e912171328517664f0298322a7992a6e0e00118dc496ff94ee84190d9057db68_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubemacpool@sha256:ab5a239a35e3de8566cb76db0d59ae92e290a3756d39a2298290f1ab3c7b56c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-console-plugin@sha256:e7dd17d4d206b2d37f24a2ed28bf3d2d6a40463da6cbc6b5696555b455f90055_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-ssp-operator@sha256:09a834b1f71a19cf9a616ffd9eb04408972f9b8f9549777cab0935f63931c993_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm@sha256:66284c45e82862dc7c1505fcdfe7b14e72c93c5e7fa6b7108a945220279641e9_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-copy-template@sha256:462770d258407ea93c14c9a99fb4450536261202d1d63a681634af2193c2b062_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-datavolume@sha256:31d22c0be03bbb222967d953d35189173fbeb60d1cb32278eb006e8abe78e90c_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-create-vm-from-template@sha256:a62ec91155a7bfc776c402e8b513b0e00797d64a95434346a2e3a4cc25f2d3c5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize@sha256:35274b72a5562e8675854d8cf2ca3ec0c4d0b619c0e630d7b39b7da8ebd3b143_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-disk-virt-sysprep@sha256:6e6ed3d8b1b906f801e36b82d6976bc421ae8344d71d4c563fe6d8e76b5fe9c4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-modify-vm-template@sha256:b46443d7f21b8b251468e33c929a16008a3ac34a8f50a1d8bc1cd134079ccae4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-operator@sha256:7f11db20a3c635aa48e3dcadfe555d0cd229c4c7f1790f70ee9c9ee78ab55e67_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status@sha256:4967b4c46d670a2b109c9a2e6e0ebc850a5e1dacaf8cc0ed691668bfa0cbd418_amd64",
            "8Base-CNV-4.12:container-native-virtualization/kubevirt-template-validator@sha256:bf732669655db1b09ef27bc1964fe7b49943d681a5acc9860497512d8877e13f_amd64",
            "8Base-CNV-4.12:container-native-virtualization/libguestfs-tools@sha256:4f0d48312d8fe02a17747d65ac644d3e1be2df3cb80a9d0c268acc6ad5b91680_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-marker@sha256:077367d5af11030832a5e63a611395b7fa65ee140b490b6f33f8a23a9392dcd5_amd64",
            "8Base-CNV-4.12:container-native-virtualization/ovs-cni-plugin@sha256:892e339e8eec78f9865d11984c6dc8e92831ee9a17d6b990cd7fba9f2e506e13_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-api@sha256:cd89350a5e6b3a468acd290819d86f2c77d486fa5a57dbac752f863f1a8a2b23_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-artifacts-server@sha256:9638c34ff48d275842a990deb86110530ffd4937b2b551a4d5263168f7db6d47_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-apiserver@sha256:dd68dfc1a588b4e24e533d61b52b68ab0673fd39a95632314f54e1b85cb5f32d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-cloner@sha256:879742e59f3416100969a0d0994e49e3f8cd493310bbd0c0e86e969f86daa204_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-controller@sha256:46689591989c8db1fa1f5228b2b9fb51d7abd0425c34951f909ced1fc536f0e4_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-importer@sha256:f2d011c18db1dd0dbe068bc650418c4b3f2f94935c053e76a52736da0f33867a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-operator@sha256:8b06f96750c3f8e34a7cc8defeda46a92e3ad553159d3dbc7c4e096b483508ee_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadproxy@sha256:84fd85672f6e9891678d6e99c066f8f20a9a2aac08fae11d552d46a317b7f815_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-cdi-uploadserver@sha256:4b231a260a9c0176f4b45aaf8142fa5e6860892b2fa19fad0f3091c423064211_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-controller@sha256:e6ddc32f82e940d364e0a3d63c28b4bd41b71574f9479b6d6b01de948baa8cab_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportproxy@sha256:2dc6b5eca4ba0daffe57ff174efc35764a2021eef35ef84c3d030c0f97329ece_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-exportserver@sha256:dd59838c20f30c7049cbdc4646b8b6f73ce8f33fa13c352ee22985673eaf95e2_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-handler@sha256:cce366a6b1aa42a9798a8c714dcb795d1c653dfe0ba06c997e65dbba0318e537_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-launcher@sha256:bd5b00ece84caed816b3f3cc80d8570324e1e8f975cf2c2320726d88fb64f33a_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virt-operator@sha256:6c4b16ac62e673d8f5116d592836506be72c5ebd2a07ffc828fee86514db0e9d_amd64",
            "8Base-CNV-4.12:container-native-virtualization/virtio-win@sha256:cd321e3d82a87139edabf223414b892c99857d7ac7d089b870e227ea98c970e0_amd64",
            "8Base-CNV-4.12:container-native-virtualization/vm-network-latency-checkup@sha256:5a1502efeeaa3958e5755ce07dcb8314305d75c88cc69ddc7d515457935cdc69_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working"
    }
  ]
}

RHSA-2023:1529

Vulnerability from csaf_redhat - Published: 2023-03-30 00:42 - Updated: 2026-06-07 01:01

Summary

Red Hat Security Advisory: Service Telemetry Framework 1.5 security update

Severity

Moderate

Notes

Topic: An update is now available for Service Telemetry Framework 1.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform (OCP) deployment for storage, retrieval, and monitoring. Security Fix(es): * golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806) * golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772) * golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773) * golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) * golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630) * golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705) * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632) * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-1705

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-23772

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-23773

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-266 - Incorrect Privilege Assignment

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-23806

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CWE-252 - Unchecked Return Value

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-24675

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-27664

A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-28327

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-358 - Improperly Implemented Security Check for Standard

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-30629

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-331 - Insufficient Entropy

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Low

CVE-2022-30630

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-30631

A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-30632

A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-32189

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix Workaround

Known not affected 6 products

Product	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64	—	Workaround
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64	—	Workaround
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64	—	Workaround
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64	—	Workaround
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64	—	Workaround
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64	—	Workaround

Threats

Impact Low

CVE-2022-41715

A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

CVE-2022-41717

A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64		—	Vendor Fix fix

Known not affected 6 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64		—
Unresolved product id: 8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64		—

Threats

Impact Moderate

References

100 references

URL	Category
https://access.redhat.com/errata/RHSA-2023:1529	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053429	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053532	external
https://bugzilla.redhat.com/show_bug.cgi?id=2053541	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092544	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107371	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107374	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107386	external
https://bugzilla.redhat.com/show_bug.cgi?id=2113814	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124669	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132872	external
https://bugzilla.redhat.com/show_bug.cgi?id=2161274	external
https://bugzilla.redhat.com/show_bug.cgi?id=2176537	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2022-1705	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107374	external
https://www.cve.org/CVERecord?id=CVE-2022-1705	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1705	external
https://go.dev/issue/53188	external
https://groups.google.com/g/golang-announce/c/nqr…	external
https://access.redhat.com/security/cve/CVE-2022-23772	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053532	external
https://www.cve.org/CVERecord?id=CVE-2022-23772	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23772	external
https://groups.google.com/g/golang-announce/c/SUs…	external
https://access.redhat.com/security/cve/CVE-2022-23773	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053541	external
https://www.cve.org/CVERecord?id=CVE-2022-23773	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23773	external
https://access.redhat.com/security/cve/CVE-2022-23806	self
https://bugzilla.redhat.com/show_bug.cgi?id=2053429	external
https://www.cve.org/CVERecord?id=CVE-2022-23806	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23806	external
https://access.redhat.com/security/cve/CVE-2022-24675	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://www.cve.org/CVERecord?id=CVE-2022-24675	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24675	external
https://groups.google.com/g/golang-announce/c/oec…	external
https://access.redhat.com/security/cve/CVE-2022-27664	self
https://bugzilla.redhat.com/show_bug.cgi?id=2124669	external
https://www.cve.org/CVERecord?id=CVE-2022-27664	external
https://nvd.nist.gov/vuln/detail/CVE-2022-27664	external
https://go.dev/issue/54658	external
https://groups.google.com/g/golang-announce/c/x49…	external
https://access.redhat.com/security/cve/CVE-2022-28327	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://www.cve.org/CVERecord?id=CVE-2022-28327	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28327	external
https://access.redhat.com/security/cve/CVE-2022-29526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://www.cve.org/CVERecord?id=CVE-2022-29526	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29526	external
https://groups.google.com/g/golang-announce/c/Y5q…	external
https://access.redhat.com/security/cve/CVE-2022-30629	self
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://www.cve.org/CVERecord?id=CVE-2022-30629	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30629	external
https://groups.google.com/g/golang-announce/c/TzI…	external
https://access.redhat.com/security/cve/CVE-2022-30630	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107371	external
https://www.cve.org/CVERecord?id=CVE-2022-30630	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30630	external
https://go.dev/issue/53415	external
https://access.redhat.com/security/cve/CVE-2022-30631	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://www.cve.org/CVERecord?id=CVE-2022-30631	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30631	external
https://go.dev/issue/53168	external
https://access.redhat.com/security/cve/CVE-2022-30632	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107386	external
https://www.cve.org/CVERecord?id=CVE-2022-30632	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30632	external
https://go.dev/issue/53416	external
https://access.redhat.com/security/cve/CVE-2022-32189	self
https://bugzilla.redhat.com/show_bug.cgi?id=2113814	external
https://www.cve.org/CVERecord?id=CVE-2022-32189	external
https://nvd.nist.gov/vuln/detail/CVE-2022-32189	external
https://go.dev/issue/53871	external
https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU	external
https://access.redhat.com/security/cve/CVE-2022-41715	self
https://bugzilla.redhat.com/show_bug.cgi?id=2132872	external
https://www.cve.org/CVERecord?id=CVE-2022-41715	external
https://nvd.nist.gov/vuln/detail/CVE-2022-41715	external
https://github.com/golang/go/issues/55949	external
https://groups.google.com/g/golang-announce/c/xtu…	external
https://access.redhat.com/security/cve/CVE-2022-41717	self
https://bugzilla.redhat.com/show_bug.cgi?id=2161274	external
https://www.cve.org/CVERecord?id=CVE-2022-41717	external
https://nvd.nist.gov/vuln/detail/CVE-2022-41717	external
https://go.dev/cl/455635	external
https://go.dev/cl/455717	external
https://go.dev/issue/56350	external
https://groups.google.com/g/golang-announce/c/L_3…	external
https://pkg.go.dev/vuln/GO-2022-1144	external

Acknowledgments

Joël Gähwiler

ADA Logics Adam Korczynski

OSS-Fuzz

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Service Telemetry Framework 1.5.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform (OCP) deployment for storage, retrieval, and monitoring.\n\nSecurity Fix(es):\n\n* golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:1529",
        "url": "https://access.redhat.com/errata/RHSA-2023:1529"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2053429",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
      },
      {
        "category": "external",
        "summary": "2053532",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
      },
      {
        "category": "external",
        "summary": "2053541",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
      },
      {
        "category": "external",
        "summary": "2077688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
      },
      {
        "category": "external",
        "summary": "2077689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
      },
      {
        "category": "external",
        "summary": "2084085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
      },
      {
        "category": "external",
        "summary": "2092544",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092544"
      },
      {
        "category": "external",
        "summary": "2092793",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
      },
      {
        "category": "external",
        "summary": "2107342",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
      },
      {
        "category": "external",
        "summary": "2107371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"
      },
      {
        "category": "external",
        "summary": "2107374",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
      },
      {
        "category": "external",
        "summary": "2107386",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
      },
      {
        "category": "external",
        "summary": "2113814",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
      },
      {
        "category": "external",
        "summary": "2124669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
      },
      {
        "category": "external",
        "summary": "2132872",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
      },
      {
        "category": "external",
        "summary": "2161274",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
      },
      {
        "category": "external",
        "summary": "2176537",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176537"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1529.json"
      }
    ],
    "title": "Red Hat Security Advisory: Service Telemetry Framework 1.5 security update",
    "tracking": {
      "current_release_date": "2026-06-07T01:01:22+00:00",
      "generator": {
        "date": "2026-06-07T01:01:22+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2023:1529",
      "initial_release_date": "2023-03-30T00:42:39+00:00",
      "revision_history": [
        {
          "date": "2023-03-30T00:42:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-03-30T00:42:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-07T01:01:22+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Service Telemetry Framework 1.5 for RHEL 8",
                "product": {
                  "name": "Service Telemetry Framework 1.5 for RHEL 8",
                  "product_id": "8Base-STF-1.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:stf:1.5::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
                "product": {
                  "name": "stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
                  "product_id": "stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f?arch=amd64\u0026repository_url=registry.redhat.io/stf/prometheus-webhook-snmp-rhel8\u0026tag=1.5.2-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
                "product": {
                  "name": "stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
                  "product_id": "stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717?arch=amd64\u0026repository_url=registry.redhat.io/stf/service-telemetry-operator-bundle\u0026tag=1.5.1678301890-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
                "product": {
                  "name": "stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
                  "product_id": "stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0?arch=amd64\u0026repository_url=registry.redhat.io/stf/service-telemetry-rhel8-operator\u0026tag=1.5.1-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
                "product": {
                  "name": "stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
                  "product_id": "stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28?arch=amd64\u0026repository_url=registry.redhat.io/stf/sg-bridge-rhel8\u0026tag=1.5.0-12"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
                "product": {
                  "name": "stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
                  "product_id": "stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37?arch=amd64\u0026repository_url=registry.redhat.io/stf/sg-core-rhel8\u0026tag=5.1.1-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
                "product": {
                  "name": "stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
                  "product_id": "stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546?arch=amd64\u0026repository_url=registry.redhat.io/stf/smart-gateway-operator-bundle\u0026tag=5.0.1678301890-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64",
                "product": {
                  "name": "stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64",
                  "product_id": "stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471?arch=amd64\u0026repository_url=registry.redhat.io/stf/smart-gateway-rhel8-operator\u0026tag=5.0.1-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64"
        },
        "product_reference": "stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64"
        },
        "product_reference": "stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64"
        },
        "product_reference": "stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64"
        },
        "product_reference": "stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        },
        "product_reference": "stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64"
        },
        "product_reference": "stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64 as a component of Service Telemetry Framework 1.5 for RHEL 8",
          "product_id": "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        },
        "product_reference": "stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64",
        "relates_to_product_reference": "8Base-STF-1.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-1705",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107374"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating \"chunked\" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: improper sanitization of Transfer-Encoding header",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107374",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1705",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53188",
          "url": "https://go.dev/issue/53188"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: improper sanitization of Transfer-Encoding header"
    },
    {
      "cve": "CVE-2022-23772",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053532"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the big package of the math library in golang. The Rat.SetString could cause an overflow, and if left unhandled, it could lead to excessive memory use. This issue could allow a remote attacker to impact the availability of the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053532",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053532"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23772",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23772"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-01-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString"
    },
    {
      "cve": "CVE-2022-23773",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053541"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the go package of the cmd library in golang. The go command could be tricked into accepting a branch, which resembles a version tag. This issue could allow a remote unauthenticated attacker to bypass security restrictions and introduce invalid or incorrect tags, reducing the integrity of the environment.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053541",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053541"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23773",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23773"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: cmd/go: misinterpretation of branch names can lead to incorrect access control"
    },
    {
      "cve": "CVE-2022-23806",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2022-02-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2053429"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the elliptic package of the crypto library in golang when the IsOnCurve function could return true for invalid field elements. This flaw allows an attacker to take advantage of this undefined behavior, affecting the availability and integrity of the resource.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 8 and 9 are affected because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having a Moderate security impact. The issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7; hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16 \u0026 1.17), will not be addressed in future updates as shipped only in RHEL-7, hence, marked as Out-of-Support-Scope.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.\n\nThe vulnerability lies in the crypto/elliptic: IsOnCurve taking in negative and invalid forms of data input and resulting in a panic, the resulting invalid data input is also resulting in data sinks in other functions such as marshall that handle elliptic curve cryptography by converting points on an elliptic curve into a binary format for storage or transmission and scalarmult which provides scalar multiplication, all three function takes in invalid forms of data and results in a crash, although the main culprit being isoncurve function, considering the attack complexity being high as the data that reaches the vulnerable function could already be stripped of negative sign and the resultant successful exploitation only leading to a panic/crash the vulnerability has been rated as Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "RHBZ#2053429",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053429"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23806",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23806"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ",
          "url": "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ"
        }
      ],
      "release_date": "2022-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: IsOnCurve returns true for invalid field elements"
    },
    {
      "cve": "CVE-2022-24675",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/pem: fix stack overflow in Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/pem: fix stack overflow in Decode"
    },
    {
      "cve": "CVE-2022-27664",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2124669"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: handle server errors after sending GOAWAY",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "RHBZ#2124669",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/54658",
          "url": "https://go.dev/issue/54658"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
          "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
        }
      ],
      "release_date": "2022-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: handle server errors after sending GOAWAY"
    },
    {
      "cve": "CVE-2022-28327",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077689"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: panic caused by oversized scalar",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077689",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: panic caused by oversized scalar"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jo\u00ebl G\u00e4hwiler"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-29526",
      "cwe": {
        "id": "CWE-358",
        "name": "Improperly Implemented Security Check for Standard"
      },
      "discovery_date": "2022-05-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2084085"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file\u0027s group, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: faccessat checks wrong group",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2084085",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        }
      ],
      "release_date": "2022-05-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: faccessat checks wrong group"
    },
    {
      "cve": "CVE-2022-30629",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "discovery_date": "2022-06-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2092793"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: session tickets lack random ticket_age_add",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "RHBZ#2092793",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30629",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg",
          "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg"
        }
      ],
      "release_date": "2022-06-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: crypto/tls: session tickets lack random ticket_age_add"
    },
    {
      "cve": "CVE-2022-30630",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: io/fs: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "RH ProdSec has set the Impact of this vulnerability to Moderate as there is no known method to execute arbitary code. Successful exploitation of this bug can cause the application under attack to panic, merely causing a Denial of Service at the application level. As the kernel is unaffected by this bug, the user can merely relaunch the application to fix the problem. Also, if somehow the application keeps relaunching, the timer watchdogs in the default RHEL kernel will stop the attack in its tracks.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30630",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30630",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53415",
          "url": "https://go.dev/issue/53415"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: io/fs: stack exhaustion in Glob"
    },
    {
      "cve": "CVE-2022-30631",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107342"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: compress/gzip: stack exhaustion in Reader.Read",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit CVE-2022-30631, an attacker supplies a specially crafted gzip archive to a Go application that uses a vulnerable version of the compress/gzip package without adequate input validation. This can lead to uncontrolled recursion, resulting in stack exhaustion and causing the application to panic, thereby affecting its availability.\n\nAs this is merely a DoS and there is no known way to control the instruction pointer, RH ProdSec has set the impact of this vulnerabilty to \"Moderate\".",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107342",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30631",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53168",
          "url": "https://go.dev/issue/53168"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: compress/gzip: stack exhaustion in Reader.Read"
    },
    {
      "cve": "CVE-2022-30632",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107386"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: path/filepath: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The exploitation of this flaw will only result in a denial of service of the application via the application crashing which is why this has been rated as moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107386",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30632",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53416",
          "url": "https://go.dev/issue/53416"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: path/filepath: stack exhaustion in Glob"
    },
    {
      "cve": "CVE-2022-32189",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2113814"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "RHBZ#2113814",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53871",
          "url": "https://go.dev/issue/53871"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
          "url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
        }
      ],
      "release_date": "2022-08-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Adam Korczynski"
          ],
          "organization": "ADA Logics"
        },
        {
          "names": [
            "OSS-Fuzz"
          ]
        }
      ],
      "cve": "CVE-2022-41715",
      "discovery_date": "2022-10-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2132872"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: regexp/syntax: limit memory used by parsing regexps",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "RHBZ#2132872",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/go/issues/55949",
          "url": "https://github.com/golang/go/issues/55949"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
          "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
        }
      ],
      "release_date": "2022-10-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: regexp/syntax: limit memory used by parsing regexps"
    },
    {
      "cve": "CVE-2022-41717",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2023-01-16T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2161274"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
        ],
        "known_not_affected": [
          "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
          "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
          "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
          "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
          "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
          "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41717"
        },
        {
          "category": "external",
          "summary": "RHBZ#2161274",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/455635",
          "url": "https://go.dev/cl/455635"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/455717",
          "url": "https://go.dev/cl/455717"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/56350",
          "url": "https://go.dev/issue/56350"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
          "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2022-1144",
          "url": "https://pkg.go.dev/vuln/GO-2022-1144"
        }
      ],
      "release_date": "2022-11-30T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-03-30T00:42:39+00:00",
          "details": "The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally.",
          "product_ids": [
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:1529"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-STF-1.5:stf/prometheus-webhook-snmp-rhel8@sha256:a53c3dc5955a72913788a3eeda32f725b2f5ef6e893022cc358f20414eb5074f_amd64",
            "8Base-STF-1.5:stf/service-telemetry-operator-bundle@sha256:617009676fbc385e222f144f79819b2cdcdafb28ae8674a53cdf8676f69d3717_amd64",
            "8Base-STF-1.5:stf/service-telemetry-rhel8-operator@sha256:f71352691d5e680eb09a67ef2e7208a40a10a0b781b451150ced7408dfc603d0_amd64",
            "8Base-STF-1.5:stf/sg-bridge-rhel8@sha256:d42174e8f6fbc91666ee2d78483f362f4de3f0ea551ea6d2bf310dadb1b5ba28_amd64",
            "8Base-STF-1.5:stf/sg-core-rhel8@sha256:f3ac213d5ff7470ad8a9175fa699033c5c2ee7cd6cf5eb5f4e081de00e94cd37_amd64",
            "8Base-STF-1.5:stf/smart-gateway-operator-bundle@sha256:08209b33986a186c90ec84140c833fdd892358583d3a7cb8c73f4732fe210546_amd64",
            "8Base-STF-1.5:stf/smart-gateway-rhel8-operator@sha256:9ea6481e460623bd551f5facb1d8cee105103ad380a32cb3efcc0714b60db471_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
    }
  ]
}

RHSA-2023:3642

Vulnerability from csaf_redhat - Published: 2023-06-15 15:59 - Updated: 2026-06-07 01:01

Summary

Red Hat Security Advisory: Red Hat Ceph Storage 6.1 Container security and bug fix update

Severity

Important

Notes

Topic: A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9. Security Fix(es): * crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements (CVE-2022-41912) * eventsource: Exposure of Sensitive Information (CVE-2022-1650) * grafana: stored XSS vulnerability (CVE-2022-31097) * grafana: OAuth account takeover (CVE-2022-31107) * ramda: prototype poisoning (CVE-2021-42581) * golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880) * marked: regular expression block.def may lead Denial of Service (CVE-2022-21680) * marked: regular expression inline.reflinkSearch may lead Denial of Service (CVE-2022-21681) * golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675) * Moment.js: Path traversal in moment.locale (CVE-2022-24785) * grafana: An information leak issue was discovered in Grafana through 7.3.4, when integrated with Zabbix (CVE-2022-26148) * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) * golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131) * golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327) * golang: syscall: faccessat checks wrong group (CVE-2022-29526) * golang: io/fs: stack exhaustion in Glob (CVE-2022-30630) * golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631) * golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632) * golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633) * golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635) * grafana: plugin signature bypass (CVE-2022-31123) * grafana: data source and plugin proxy endpoints leaking authentication tokens to some destination plugins (CVE-2022-31130) * golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148) * golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190) * grafana: Escalation from admin to server admin when auth proxy is used (CVE-2022-35957) * grafana: Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins (CVE-2022-39201) * grafana: using email as a username can block other users from signing in (CVE-2022-39229) * grafana: email addresses and usernames cannot be trusted (CVE-2022-39306) * grafana: User enumeration via forget password (CVE-2022-39307) * grafana: Spoofing of the originalUrl parameter of snapshots (CVE-2022-39324) * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629) * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6.1/html/release_notes/index All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.

CVE-2021-42581

A flaw was found in the Ramda NPM package that involves prototype poisoning. This flaw allows attackers to supply a crafted object, affecting the integrity or availability of the application.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-1650

9.3 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Important

CVE-2022-1705

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-2880

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-21680

A vulnerability was found in the markedjs package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-186 - Overly Restrictive Regular Expression

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-21681

A vulnerability was found in the markedjs package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-186 - Overly Restrictive Regular Expression

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-23498

A flaw was found in the Grafana package. When data-source query caching is enabled, Grafana caches all headers, including `grafana_session.` As a result, any user that queries a data source where the caching is enabled can acquire another user’s session.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 18 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2022-24675

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-24785

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x	—	Workaround

Threats

Impact Moderate

CVE-2022-26148

A flaw was found in Grafana when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right-click to view the source code and use Ctrl-F to search for the password in api_jsonrpc.php to discover the Zabbix account password and URL address.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-312 - Cleartext Storage of Sensitive Information

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-27664

A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-28131

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-28327

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-190 - Integer Overflow or Wraparound

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-358 - Improperly Implemented Security Check for Standard

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-30629

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-331 - Insufficient Entropy

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Low

CVE-2022-30630

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-30631

A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-30632

A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-30633

A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the "any" field tag, can cause a panic due to stack exhaustion.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-30635

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1325 - Improperly Controlled Sequential Memory Allocation

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-31097

A Cross-site scripting (XSS) vulnerability was found in the Unified Alerting feature of Grafana. This stored XSS can elevate privileges from Editor to Admin.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x	—	Workaround

Threats

Impact Important

CVE-2022-31107

A flaw was found in Grafana. This flaw allows a malicious user with the authorization to log into a Grafana instance via a configured OAuth IdP to take over an existing Grafana account under certain conditions.

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

CWE-287 - Improper Authentication

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x	—	Workaround

Threats

Impact Important

CVE-2022-31123

A flaw was found in the Grafana web application, where it is possible to install plugins which are not digitally signed. An admin could install unsigned plugins, which may contain malicious code.

6.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-31130

A flaw was found in Grafana's use of the GitLab data source plugin, leaking the API key to gitlab. This can result in the destination plugin receiving a Grafana user's authentication token, which could be used by an attacker.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-32148

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-32189

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix Workaround

Known not affected 15 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64	—	Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x	—	Workaround

Threats

Impact Low

CVE-2022-32190

A flaw was found in the golang package. The JoinPath doesn't remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-35957

A flaw was found in the grafana package. Auth proxy allows authentication of a user by only providing the username (or email) in an X-WEBAUTH-USER HTTP header. The trust assumption is that a front proxy will take care of authentication and that the Grafana server is only publicly reachable with this front proxy.

6.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-288 - Authentication Bypass Using an Alternate Path or Channel

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-39201

A flaw was found in Grafana. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. Grafana could leak the authentication cookie of users to plugins, which could result in an impact to confidentiality, integrity, and availability.

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-39229

A flaw was found in the Grafana web application. When a user logs into the system, either the username or email address can be used. However, the login system allows both a username and connected email to be registered, which could allow an attacker to prevent a user which has an associated email address access.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-39306

An authentication bypass flaw was discovered in Grafana. This issue could allow a remote unauthenticated attacker to create an account and provide access to a certain organization, which can be exploited by gaining access to the signup link. The highest impacts to the system are confidentiality and integrity.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-303 - Incorrect Implementation of Authentication Algorithm

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-39307

An information leak was discovered in Grafana. Remote unauthenticated users could exploit the forget password feature to discover which user accounts exist.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-209 - Generation of Error Message Containing Sensitive Information

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-39324

A flaw was found in the grafana package. While creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the "Open original dashboard" button.

6.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

CWE-472 - External Control of Assumed-Immutable Web Parameter

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-41715

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Moderate

CVE-2022-41912

An authentication bypass flaw was discovered in the crewjam/saml go package. A remote unauthenticated attacker could trigger it by sending a SAML request. This would allow an escalation of privileges and then enable compromising system integrity.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-347 - Improper Verification of Cryptographic Signature

Affected products

Fixed 3 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le	—	Vendor Fix fix

Known not affected 15 products

Product	Identifier	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64		—
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x		—

Threats

Impact Important

References

213 references

URL	Category
https://access.redhat.com/errata/RHSA-2023:3642	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/documentation/en-us/red…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2066563	external
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://bugzilla.redhat.com/show_bug.cgi?id=2082705	external
https://bugzilla.redhat.com/show_bug.cgi?id=2082706	external
https://bugzilla.redhat.com/show_bug.cgi?id=2083778	external
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://bugzilla.redhat.com/show_bug.cgi?id=2085307	external
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104365	external
https://bugzilla.redhat.com/show_bug.cgi?id=2104367	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107371	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107374	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107383	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107386	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107388	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107390	external
https://bugzilla.redhat.com/show_bug.cgi?id=2107392	external
https://bugzilla.redhat.com/show_bug.cgi?id=2113814	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124668	external
https://bugzilla.redhat.com/show_bug.cgi?id=2124669	external
https://bugzilla.redhat.com/show_bug.cgi?id=2125514	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131146	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131147	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131148	external
https://bugzilla.redhat.com/show_bug.cgi?id=2131149	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132868	external
https://bugzilla.redhat.com/show_bug.cgi?id=2132872	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138014	external
https://bugzilla.redhat.com/show_bug.cgi?id=2138015	external
https://bugzilla.redhat.com/show_bug.cgi?id=2148252	external
https://bugzilla.redhat.com/show_bug.cgi?id=2149181	external
https://bugzilla.redhat.com/show_bug.cgi?id=2168965	external
https://bugzilla.redhat.com/show_bug.cgi?id=2174461	external
https://bugzilla.redhat.com/show_bug.cgi?id=2174462	external
https://bugzilla.redhat.com/show_bug.cgi?id=2186142	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2021-42581	self
https://bugzilla.redhat.com/show_bug.cgi?id=2083778	external
https://www.cve.org/CVERecord?id=CVE-2021-42581	external
https://nvd.nist.gov/vuln/detail/CVE-2021-42581	external
https://github.com/ramda/ramda/pull/3192	external
https://access.redhat.com/security/cve/CVE-2022-1650	self
https://bugzilla.redhat.com/show_bug.cgi?id=2085307	external
https://www.cve.org/CVERecord?id=CVE-2022-1650	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1650	external
https://huntr.dev/bounties/dc9e467f-be5d-4945-867…	external
https://access.redhat.com/security/cve/CVE-2022-1705	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107374	external
https://www.cve.org/CVERecord?id=CVE-2022-1705	external
https://nvd.nist.gov/vuln/detail/CVE-2022-1705	external
https://go.dev/issue/53188	external
https://groups.google.com/g/golang-announce/c/nqr…	external
https://access.redhat.com/security/cve/CVE-2022-2880	self
https://bugzilla.redhat.com/show_bug.cgi?id=2132868	external
https://www.cve.org/CVERecord?id=CVE-2022-2880	external
https://nvd.nist.gov/vuln/detail/CVE-2022-2880	external
https://github.com/golang/go/issues/54663	external
https://groups.google.com/g/golang-announce/c/xtu…	external
https://access.redhat.com/security/cve/CVE-2022-21680	self
https://bugzilla.redhat.com/show_bug.cgi?id=2082705	external
https://www.cve.org/CVERecord?id=CVE-2022-21680	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21680	external
https://access.redhat.com/security/cve/CVE-2022-21681	self
https://bugzilla.redhat.com/show_bug.cgi?id=2082706	external
https://www.cve.org/CVERecord?id=CVE-2022-21681	external
https://nvd.nist.gov/vuln/detail/CVE-2022-21681	external
https://access.redhat.com/security/cve/CVE-2022-23498	self
https://bugzilla.redhat.com/show_bug.cgi?id=2167266	external
https://www.cve.org/CVERecord?id=CVE-2022-23498	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23498	external
https://github.com/grafana/grafana/security/advis…	external
https://access.redhat.com/security/cve/CVE-2022-24675	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077688	external
https://www.cve.org/CVERecord?id=CVE-2022-24675	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24675	external
https://groups.google.com/g/golang-announce/c/oec…	external
https://access.redhat.com/security/cve/CVE-2022-24785	self
https://bugzilla.redhat.com/show_bug.cgi?id=2072009	external
https://www.cve.org/CVERecord?id=CVE-2022-24785	external
https://nvd.nist.gov/vuln/detail/CVE-2022-24785	external
https://github.com/moment/moment/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2022-26148	self
https://bugzilla.redhat.com/show_bug.cgi?id=2066563	external
https://www.cve.org/CVERecord?id=CVE-2022-26148	external
https://nvd.nist.gov/vuln/detail/CVE-2022-26148	external
https://access.redhat.com/security/cve/CVE-2022-27664	self
https://bugzilla.redhat.com/show_bug.cgi?id=2124669	external
https://www.cve.org/CVERecord?id=CVE-2022-27664	external
https://nvd.nist.gov/vuln/detail/CVE-2022-27664	external
https://go.dev/issue/54658	external
https://groups.google.com/g/golang-announce/c/x49…	external
https://access.redhat.com/security/cve/CVE-2022-28131	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107390	external
https://www.cve.org/CVERecord?id=CVE-2022-28131	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28131	external
https://go.dev/issue/53614	external
https://access.redhat.com/security/cve/CVE-2022-28327	self
https://bugzilla.redhat.com/show_bug.cgi?id=2077689	external
https://www.cve.org/CVERecord?id=CVE-2022-28327	external
https://nvd.nist.gov/vuln/detail/CVE-2022-28327	external
https://access.redhat.com/security/cve/CVE-2022-29526	self
https://bugzilla.redhat.com/show_bug.cgi?id=2084085	external
https://www.cve.org/CVERecord?id=CVE-2022-29526	external
https://nvd.nist.gov/vuln/detail/CVE-2022-29526	external
https://groups.google.com/g/golang-announce/c/Y5q…	external
https://access.redhat.com/security/cve/CVE-2022-30629	self
https://bugzilla.redhat.com/show_bug.cgi?id=2092793	external
https://www.cve.org/CVERecord?id=CVE-2022-30629	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30629	external
https://groups.google.com/g/golang-announce/c/TzI…	external
https://access.redhat.com/security/cve/CVE-2022-30630	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107371	external
https://www.cve.org/CVERecord?id=CVE-2022-30630	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30630	external
https://go.dev/issue/53415	external
https://access.redhat.com/security/cve/CVE-2022-30631	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107342	external
https://www.cve.org/CVERecord?id=CVE-2022-30631	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30631	external
https://go.dev/issue/53168	external
https://access.redhat.com/security/cve/CVE-2022-30632	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107386	external
https://www.cve.org/CVERecord?id=CVE-2022-30632	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30632	external
https://go.dev/issue/53416	external
https://access.redhat.com/security/cve/CVE-2022-30633	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107392	external
https://www.cve.org/CVERecord?id=CVE-2022-30633	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30633	external
https://go.dev/issue/53611	external
https://access.redhat.com/security/cve/CVE-2022-30635	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107388	external
https://www.cve.org/CVERecord?id=CVE-2022-30635	external
https://nvd.nist.gov/vuln/detail/CVE-2022-30635	external
https://go.dev/issue/53615	external
https://access.redhat.com/security/cve/CVE-2022-31097	self
https://bugzilla.redhat.com/show_bug.cgi?id=2104365	external
https://www.cve.org/CVERecord?id=CVE-2022-31097	external
https://nvd.nist.gov/vuln/detail/CVE-2022-31097	external
https://github.com/grafana/grafana/security/advis…	external
https://access.redhat.com/security/cve/CVE-2022-31107	self
https://bugzilla.redhat.com/show_bug.cgi?id=2104367	external
https://www.cve.org/CVERecord?id=CVE-2022-31107	external
https://nvd.nist.gov/vuln/detail/CVE-2022-31107	external
https://github.com/grafana/grafana/security/advis…	external
https://access.redhat.com/security/cve/CVE-2022-31123	self
https://bugzilla.redhat.com/show_bug.cgi?id=2131147	external
https://www.cve.org/CVERecord?id=CVE-2022-31123	external
https://nvd.nist.gov/vuln/detail/CVE-2022-31123	external
https://github.com/grafana/grafana/security/advis…	external
https://access.redhat.com/security/cve/CVE-2022-31130	self
https://bugzilla.redhat.com/show_bug.cgi?id=2131146	external
https://www.cve.org/CVERecord?id=CVE-2022-31130	external
https://nvd.nist.gov/vuln/detail/CVE-2022-31130	external
https://access.redhat.com/security/cve/CVE-2022-32148	self
https://bugzilla.redhat.com/show_bug.cgi?id=2107383	external
https://www.cve.org/CVERecord?id=CVE-2022-32148	external
https://nvd.nist.gov/vuln/detail/CVE-2022-32148	external
https://go.dev/issue/53423	external
https://access.redhat.com/security/cve/CVE-2022-32189	self
https://bugzilla.redhat.com/show_bug.cgi?id=2113814	external
https://www.cve.org/CVERecord?id=CVE-2022-32189	external
https://nvd.nist.gov/vuln/detail/CVE-2022-32189	external
https://go.dev/issue/53871	external
https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU	external
https://access.redhat.com/security/cve/CVE-2022-32190	self
https://bugzilla.redhat.com/show_bug.cgi?id=2124668	external
https://www.cve.org/CVERecord?id=CVE-2022-32190	external
https://nvd.nist.gov/vuln/detail/CVE-2022-32190	external
https://go.dev/issue/54385	external
https://access.redhat.com/security/cve/CVE-2022-35957	self
https://bugzilla.redhat.com/show_bug.cgi?id=2125514	external
https://www.cve.org/CVERecord?id=CVE-2022-35957	external
https://nvd.nist.gov/vuln/detail/CVE-2022-35957	external
https://github.com/grafana/grafana/security/advis…	external
https://access.redhat.com/security/cve/CVE-2022-39201	self
https://bugzilla.redhat.com/show_bug.cgi?id=2131148	external
https://www.cve.org/CVERecord?id=CVE-2022-39201	external
https://nvd.nist.gov/vuln/detail/CVE-2022-39201	external
https://access.redhat.com/security/cve/CVE-2022-39229	self
https://bugzilla.redhat.com/show_bug.cgi?id=2131149	external
https://www.cve.org/CVERecord?id=CVE-2022-39229	external
https://nvd.nist.gov/vuln/detail/CVE-2022-39229	external
https://access.redhat.com/security/cve/CVE-2022-39306	self
https://bugzilla.redhat.com/show_bug.cgi?id=2138014	external
https://www.cve.org/CVERecord?id=CVE-2022-39306	external
https://nvd.nist.gov/vuln/detail/CVE-2022-39306	external
https://grafana.com/blog/2022/11/08/security-rele…	external
https://access.redhat.com/security/cve/CVE-2022-39307	self
https://bugzilla.redhat.com/show_bug.cgi?id=2138015	external
https://www.cve.org/CVERecord?id=CVE-2022-39307	external
https://nvd.nist.gov/vuln/detail/CVE-2022-39307	external
https://access.redhat.com/security/cve/CVE-2022-39324	self
https://bugzilla.redhat.com/show_bug.cgi?id=2148252	external
https://www.cve.org/CVERecord?id=CVE-2022-39324	external
https://nvd.nist.gov/vuln/detail/CVE-2022-39324	external
https://grafana.com/blog/2023/01/25/grafana-secur…	external
https://access.redhat.com/security/cve/CVE-2022-41715	self
https://bugzilla.redhat.com/show_bug.cgi?id=2132872	external
https://www.cve.org/CVERecord?id=CVE-2022-41715	external
https://nvd.nist.gov/vuln/detail/CVE-2022-41715	external
https://github.com/golang/go/issues/55949	external
https://access.redhat.com/security/cve/CVE-2022-41912	self
https://bugzilla.redhat.com/show_bug.cgi?id=2149181	external
https://www.cve.org/CVERecord?id=CVE-2022-41912	external
https://nvd.nist.gov/vuln/detail/CVE-2022-41912	external
https://github.com/crewjam/saml/security/advisori…	external

Acknowledgments

Head of Research, Oxeye Daniel Abeles

Security Researcher, Oxeye Gal Goldstein

Joël Gähwiler

HTTPVoid team

Grafana Team

Grafana Security Team

ADA Logics Adam Korczynski

OSS-Fuzz

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.\n\nThis new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 9.\n\nSecurity Fix(es):\n\n* crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements (CVE-2022-41912)\n\n* eventsource: Exposure of Sensitive Information (CVE-2022-1650)\n\n* grafana: stored XSS vulnerability (CVE-2022-31097)\n\n* grafana: OAuth account takeover (CVE-2022-31107)\n\n* ramda: prototype poisoning (CVE-2021-42581)\n\n* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* marked: regular expression block.def may lead Denial of Service (CVE-2022-21680)\n\n* marked: regular expression inline.reflinkSearch may lead Denial of Service (CVE-2022-21681)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* Moment.js: Path traversal  in moment.locale (CVE-2022-24785)\n\n* grafana: An information leak issue was discovered in Grafana through 7.3.4, when integrated with Zabbix (CVE-2022-26148)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\n* golang: syscall: faccessat checks wrong group (CVE-2022-29526)\n\n* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* grafana: plugin signature bypass (CVE-2022-31123)\n\n* grafana: data source and plugin proxy endpoints leaking authentication tokens to some destination plugins (CVE-2022-31130)\n\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\n* grafana: Escalation from admin to server admin when auth proxy is used (CVE-2022-35957)\n\n* grafana: Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins (CVE-2022-39201)\n\n* grafana: using email as a username can block other users from signing in (CVE-2022-39229)\n\n* grafana: email addresses and usernames cannot be trusted (CVE-2022-39306)\n\n* grafana: User enumeration via forget password (CVE-2022-39307)\n\n* grafana: Spoofing of the originalUrl parameter of snapshots (CVE-2022-39324)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nSpace precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6.1/html/release_notes/index\n\nAll users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:3642",
        "url": "https://access.redhat.com/errata/RHSA-2023:3642"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6.1/html/release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/6.1/html/release_notes/index"
      },
      {
        "category": "external",
        "summary": "2066563",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066563"
      },
      {
        "category": "external",
        "summary": "2072009",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
      },
      {
        "category": "external",
        "summary": "2077688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
      },
      {
        "category": "external",
        "summary": "2077689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
      },
      {
        "category": "external",
        "summary": "2082705",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082705"
      },
      {
        "category": "external",
        "summary": "2082706",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082706"
      },
      {
        "category": "external",
        "summary": "2083778",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083778"
      },
      {
        "category": "external",
        "summary": "2084085",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
      },
      {
        "category": "external",
        "summary": "2085307",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085307"
      },
      {
        "category": "external",
        "summary": "2092793",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
      },
      {
        "category": "external",
        "summary": "2104365",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104365"
      },
      {
        "category": "external",
        "summary": "2104367",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367"
      },
      {
        "category": "external",
        "summary": "2107342",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
      },
      {
        "category": "external",
        "summary": "2107371",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"
      },
      {
        "category": "external",
        "summary": "2107374",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
      },
      {
        "category": "external",
        "summary": "2107383",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383"
      },
      {
        "category": "external",
        "summary": "2107386",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
      },
      {
        "category": "external",
        "summary": "2107388",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
      },
      {
        "category": "external",
        "summary": "2107390",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390"
      },
      {
        "category": "external",
        "summary": "2107392",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392"
      },
      {
        "category": "external",
        "summary": "2113814",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
      },
      {
        "category": "external",
        "summary": "2124668",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
      },
      {
        "category": "external",
        "summary": "2124669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
      },
      {
        "category": "external",
        "summary": "2125514",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2125514"
      },
      {
        "category": "external",
        "summary": "2131146",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131146"
      },
      {
        "category": "external",
        "summary": "2131147",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131147"
      },
      {
        "category": "external",
        "summary": "2131148",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131148"
      },
      {
        "category": "external",
        "summary": "2131149",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131149"
      },
      {
        "category": "external",
        "summary": "2132868",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
      },
      {
        "category": "external",
        "summary": "2132872",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
      },
      {
        "category": "external",
        "summary": "2138014",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138014"
      },
      {
        "category": "external",
        "summary": "2138015",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138015"
      },
      {
        "category": "external",
        "summary": "2148252",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148252"
      },
      {
        "category": "external",
        "summary": "2149181",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149181"
      },
      {
        "category": "external",
        "summary": "2168965",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168965"
      },
      {
        "category": "external",
        "summary": "2174461",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174461"
      },
      {
        "category": "external",
        "summary": "2174462",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174462"
      },
      {
        "category": "external",
        "summary": "2186142",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186142"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3642.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Ceph Storage 6.1 Container security and bug fix update",
    "tracking": {
      "current_release_date": "2026-06-07T01:01:24+00:00",
      "generator": {
        "date": "2026-06-07T01:01:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2023:3642",
      "initial_release_date": "2023-06-15T15:59:41+00:00",
      "revision_history": [
        {
          "date": "2023-06-15T15:59:41+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-06-15T15:59:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-07T01:01:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ceph Storage 6.1 Tools",
                "product": {
                  "name": "Red Hat Ceph Storage 6.1 Tools",
                  "product_id": "9Base-RHCEPH-6.1-Tools",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ceph Storage"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
                "product": {
                  "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
                  "product_id": "rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-dashboard-rhel9\u0026tag=6-75"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
                  "product_id": "rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.4-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v2.4.0-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
                "product": {
                  "name": "rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
                  "product_id": "rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-rhel9\u0026tag=6-177"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.17-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-36"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
                  "product_id": "rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-dashboard-rhel9\u0026tag=6-75"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
                  "product_id": "rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.4-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v2.4.0-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
                  "product_id": "rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-rhel9\u0026tag=6-177"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.17-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-36"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
                "product": {
                  "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
                  "product_id": "rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-dashboard-rhel9\u0026tag=6-75"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
                  "product_id": "rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.4-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v2.4.0-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
                "product": {
                  "name": "rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
                  "product_id": "rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-rhel9\u0026tag=6-177"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.17-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-36"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64"
        },
        "product_reference": "rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x"
        },
        "product_reference": "rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        },
        "product_reference": "rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x"
        },
        "product_reference": "rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64"
        },
        "product_reference": "rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le"
        },
        "product_reference": "rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-42581",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "discovery_date": "2022-05-10T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2083778"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Ramda NPM package that involves prototype poisoning. This flaw allows attackers to supply a crafted object, affecting the integrity or availability of the application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ramda: prototype poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are the application-ui container up to and including RHACM 2.4.4, 2.3.10 and 2.2.13 and grc-ui container up to and including RHACM 2.2.13 versions. However not any RHACM is affected in the kui-web-terminal container as is using already patched and not affected version, therefore we are not impacted in this particular component. In RHACM these components are behind OpenShift OAuth. This restricts access to the vulnerable ramda library to authenticated users only, therefore the impact is reduced to Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-42581"
        },
        {
          "category": "external",
          "summary": "RHBZ#2083778",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083778"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-42581",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-42581",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42581"
        },
        {
          "category": "external",
          "summary": "https://github.com/ramda/ramda/pull/3192",
          "url": "https://github.com/ramda/ramda/pull/3192"
        }
      ],
      "release_date": "2022-05-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ramda: prototype poisoning"
    },
    {
      "cve": "CVE-2022-1650",
      "cwe": {
        "id": "CWE-359",
        "name": "Exposure of Private Personal Information to an Unauthorized Actor"
      },
      "discovery_date": "2022-05-12T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2085307"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the EventSource NPM Package. The description from the source states the following message: \"Exposure of Sensitive Information to an Unauthorized Actor.\" This flaw allows an attacker to steal the user\u0027s credentials and then use the credentials to access the legitimate website.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "eventsource: Exposure of Sensitive Information",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1650"
        },
        {
          "category": "external",
          "summary": "RHBZ#2085307",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085307"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1650",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1650"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1650",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1650"
        },
        {
          "category": "external",
          "summary": "https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e",
          "url": "https://huntr.dev/bounties/dc9e467f-be5d-4945-867d-1044d27e9b8e"
        }
      ],
      "release_date": "2022-05-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "eventsource: Exposure of Sensitive Information"
    },
    {
      "cve": "CVE-2022-1705",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107374"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating \"chunked\" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: improper sanitization of Transfer-Encoding header",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107374",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1705",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53188",
          "url": "https://go.dev/issue/53188"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: improper sanitization of Transfer-Encoding header"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Daniel Abeles"
          ],
          "organization": "Head of Research, Oxeye"
        },
        {
          "names": [
            "Gal Goldstein"
          ],
          "organization": "Security Researcher, Oxeye"
        }
      ],
      "cve": "CVE-2022-2880",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2022-10-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2132868"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-2880"
        },
        {
          "category": "external",
          "summary": "RHBZ#2132868",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/go/issues/54663",
          "url": "https://github.com/golang/go/issues/54663"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
          "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
        }
      ],
      "release_date": "2022-10-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
    },
    {
      "cve": "CVE-2022-21680",
      "cwe": {
        "id": "CWE-186",
        "name": "Overly Restrictive Regular Expression"
      },
      "discovery_date": "2022-05-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2082705"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the markedjs package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "marked: regular expression block.def may lead Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21680"
        },
        {
          "category": "external",
          "summary": "RHBZ#2082705",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082705"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21680",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21680"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21680",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21680"
        }
      ],
      "release_date": "2022-01-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "marked: regular expression block.def may lead Denial of Service"
    },
    {
      "cve": "CVE-2022-21681",
      "cwe": {
        "id": "CWE-186",
        "name": "Overly Restrictive Regular Expression"
      },
      "discovery_date": "2022-05-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2082706"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the markedjs package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "marked: regular expression inline.reflinkSearch may lead Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21681"
        },
        {
          "category": "external",
          "summary": "RHBZ#2082706",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082706"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21681",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21681"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21681",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21681"
        }
      ],
      "release_date": "2022-01-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "marked: regular expression inline.reflinkSearch may lead Denial of Service"
    },
    {
      "cve": "CVE-2022-23498",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2023-02-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2167266"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Grafana package. When data-source query caching is enabled, Grafana caches all headers, including `grafana_session.` As a result, any user that queries a data source where the caching is enabled can acquire another user\u2019s session.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: Use of Cache Containing Sensitive Information",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23498"
        },
        {
          "category": "external",
          "summary": "RHBZ#2167266",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167266"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23498",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23498"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23498",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23498"
        },
        {
          "category": "external",
          "summary": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8",
          "url": "https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8"
        }
      ],
      "release_date": "2023-02-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        },
        {
          "category": "workaround",
          "details": "To mitigate the vulnerability, disable the data source query caching for all data sources.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "grafana: Use of Cache Containing Sensitive Information"
    },
    {
      "cve": "CVE-2022-24675",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/pem: fix stack overflow in Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/pem: fix stack overflow in Decode"
    },
    {
      "cve": "CVE-2022-24785",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2022-04-05T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2072009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability was found in Moment.js that impacts npm (server) users. This issue occurs if a user-provided locale string is directly used to switch moment locale, which an attacker can exploit to change the correct path to one of their choice. This can result in a loss of integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Moment.js: Path traversal  in moment.locale",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In Quay 3.10 and above, no version of affected momentjs is present.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "RHBZ#2072009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24785",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24785"
        },
        {
          "category": "external",
          "summary": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4",
          "url": "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4"
        }
      ],
      "release_date": "2022-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        },
        {
          "category": "workaround",
          "details": "Sanitize the user-provided locale name before passing it to Moment.js.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Moment.js: Path traversal  in moment.locale"
    },
    {
      "cve": "CVE-2022-26148",
      "cwe": {
        "id": "CWE-312",
        "name": "Cleartext Storage of Sensitive Information"
      },
      "discovery_date": "2022-03-22T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2066563"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Grafana when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right-click to view the source code and use Ctrl-F to search for the password in api_jsonrpc.php to discover the Zabbix account password and URL address.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: An information leak issue was discovered in Grafana through 7.3.4, when integrated with Zabbix",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-26148"
        },
        {
          "category": "external",
          "summary": "RHBZ#2066563",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066563"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-26148",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-26148"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-26148",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26148"
        }
      ],
      "release_date": "2022-03-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: An information leak issue was discovered in Grafana through 7.3.4, when integrated with Zabbix"
    },
    {
      "cve": "CVE-2022-27664",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2124669"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: handle server errors after sending GOAWAY",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "RHBZ#2124669",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/54658",
          "url": "https://go.dev/issue/54658"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
          "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
        }
      ],
      "release_date": "2022-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: handle server errors after sending GOAWAY"
    },
    {
      "cve": "CVE-2022-28131",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107390"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang encoding/xml. When calling Decoder, Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/xml: stack exhaustion in Decoder.Skip",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability exists in the calling of the function decoder.skip to a deeply nested XML document. Although the vulnerability exists, it may require that the application accept deeply nested XML from untrusted sources and specifically calls Decoder.Skip on it. In many deployments, that code path might not even be reachable or exposed to external input. On top of that, a successful exploitation will only result in denial of service due to stack exhaustion, which is why this has been marked as moderate by Red Hat.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107390",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107390"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28131",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28131",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53614",
          "url": "https://go.dev/issue/53614"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/xml: stack exhaustion in Decoder.Skip"
    },
    {
      "cve": "CVE-2022-28327",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077689"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow flaw was found in Golang\u0027s crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256().ScalarMult or P256().ScalarBaseMult to panic, leading to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/elliptic: panic caused by oversized scalar",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A moderate severity flaw was found in Go\u2019s crypto/elliptic package in the generic P-256 implementation. If a scalar input longer than 32 bytes is supplied, P256().ScalarMult or P256().ScalarBaseMult can panic, causing the application to crash. Indirect uses via crypto/ecdsa and crypto/tls are not affected. This issue impacts availability but does not affect confidentiality or integrity. Only certain platforms (non-amd64, non-arm64, non-ppc64le, non-s390x) may be affected.\n\nRed Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope. \n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077689",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077689"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-28327",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/elliptic: panic caused by oversized scalar"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jo\u00ebl G\u00e4hwiler"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-29526",
      "cwe": {
        "id": "CWE-358",
        "name": "Improperly Implemented Security Check for Standard"
      },
      "discovery_date": "2022-05-11T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2084085"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the syscall.Faccessat function when calling a process by checking the group. This flaw allows an attacker to check the process group permissions rather than a member of the file\u0027s group, affecting system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: syscall: faccessat checks wrong group",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "RHBZ#2084085",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2084085"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-29526",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        }
      ],
      "release_date": "2022-05-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: syscall: faccessat checks wrong group"
    },
    {
      "cve": "CVE-2022-30629",
      "cwe": {
        "id": "CWE-331",
        "name": "Insufficient Entropy"
      },
      "discovery_date": "2022-06-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2092793"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the crypto/tls golang package. When session tickets are generated by crypto/tls, it is missing the ticket expiration. This issue may allow an attacker to observe the TLS handshakes to correlate successive connections during session resumption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/tls: session tickets lack random ticket_age_add",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "RHBZ#2092793",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092793"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30629",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg",
          "url": "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg"
        }
      ],
      "release_date": "2022-06-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: crypto/tls: session tickets lack random ticket_age_add"
    },
    {
      "cve": "CVE-2022-30630",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107371"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: io/fs: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "RH ProdSec has set the Impact of this vulnerability to Moderate as there is no known method to execute arbitary code. Successful exploitation of this bug can cause the application under attack to panic, merely causing a Denial of Service at the application level. As the kernel is unaffected by this bug, the user can merely relaunch the application to fix the problem. Also, if somehow the application keeps relaunching, the timer watchdogs in the default RHEL kernel will stop the attack in its tracks.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107371",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30630",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30630",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53415",
          "url": "https://go.dev/issue/53415"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: io/fs: stack exhaustion in Glob"
    },
    {
      "cve": "CVE-2022-30631",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107342"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: compress/gzip: stack exhaustion in Reader.Read",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit CVE-2022-30631, an attacker supplies a specially crafted gzip archive to a Go application that uses a vulnerable version of the compress/gzip package without adequate input validation. This can lead to uncontrolled recursion, resulting in stack exhaustion and causing the application to panic, thereby affecting its availability.\n\nAs this is merely a DoS and there is no known way to control the instruction pointer, RH ProdSec has set the impact of this vulnerabilty to \"Moderate\".",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107342",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30631",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53168",
          "url": "https://go.dev/issue/53168"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: compress/gzip: stack exhaustion in Reader.Read"
    },
    {
      "cve": "CVE-2022-30632",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107386"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: path/filepath: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The exploitation of this flaw will only result in a denial of service of the application via the application crashing which is why this has been rated as moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107386",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30632",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53416",
          "url": "https://go.dev/issue/53416"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: path/filepath: stack exhaustion in Glob"
    },
    {
      "cve": "CVE-2022-30633",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107392"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling Unmarshal on an XML document into a Go struct, which has a nested field that uses the \"any\" field tag, can cause a panic due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/xml: stack exhaustion in Unmarshal",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat has marked this as moderate impact for two primary reasons\n1. Though the vulnerability exists, it is hard to exploit in real scenarios (e.g., the attacker must be able to feed crafted XML documents into specific code paths).\n2. The vulnerability is a denial of service (DoS) due to stack exhaustion rather than code execution or data breach. Since it doesn\u2019t compromise confidentiality or integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107392",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30633",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30633",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53611",
          "url": "https://go.dev/issue/53611"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/xml: stack exhaustion in Unmarshal"
    },
    {
      "cve": "CVE-2022-30635",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107388"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/gob: stack exhaustion in Decoder.Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.The vulnerability has been rated as moderate instead of high because the vulnerability can only result in a minor denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107388",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53615",
          "url": "https://go.dev/issue/53615"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/gob: stack exhaustion in Decoder.Decode"
    },
    {
      "cve": "CVE-2022-31097",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2022-07-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2104365"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A Cross-site scripting (XSS) vulnerability was found in the Unified Alerting feature of Grafana. This stored XSS can elevate privileges from Editor to Admin.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: stored XSS vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-31097"
        },
        {
          "category": "external",
          "summary": "RHBZ#2104365",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104365"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31097",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-31097"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31097",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31097"
        },
        {
          "category": "external",
          "summary": "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f",
          "url": "https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f"
        }
      ],
      "release_date": "2022-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        },
        {
          "category": "workaround",
          "details": "Disable Unified alerting.\nhttps://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#unified_alerting",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "grafana: stored XSS vulnerability"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "HTTPVoid team"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-31107",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2022-07-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2104367"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Grafana. This flaw allows a malicious user with the authorization to log into a Grafana instance via a configured OAuth IdP to take over an existing Grafana account under certain conditions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: OAuth account takeover",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-31107"
        },
        {
          "category": "external",
          "summary": "RHBZ#2104367",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2104367"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31107",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-31107"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31107",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31107"
        },
        {
          "category": "external",
          "summary": "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2",
          "url": "https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2"
        }
      ],
      "release_date": "2022-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        },
        {
          "category": "workaround",
          "details": "As a workaround, it is possible to disable any OAuth login or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "grafana: OAuth account takeover"
    },
    {
      "cve": "CVE-2022-31123",
      "discovery_date": "2022-09-30T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2131147"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Grafana web application, where it is possible to install plugins which are not digitally signed. An admin could install unsigned plugins, which may contain malicious code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: plugin signature bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-31123"
        },
        {
          "category": "external",
          "summary": "RHBZ#2131147",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131147"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31123",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-31123"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31123",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31123"
        },
        {
          "category": "external",
          "summary": "https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8",
          "url": "https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8"
        }
      ],
      "release_date": "2022-10-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: plugin signature bypass"
    },
    {
      "cve": "CVE-2022-31130",
      "discovery_date": "2022-09-30T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2131146"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Grafana\u0027s use of the GitLab data source plugin, leaking the API key to gitlab. This can result in the destination plugin receiving a Grafana user\u0027s authentication token, which could be used by an attacker.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: data source and plugin proxy endpoints leaking authentication tokens to some destination plugins",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-31130"
        },
        {
          "category": "external",
          "summary": "RHBZ#2131146",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131146"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-31130",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-31130"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31130",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31130"
        }
      ],
      "release_date": "2022-10-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: data source and plugin proxy endpoints leaking authentication tokens to some destination plugins"
    },
    {
      "cve": "CVE-2022-32148",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107383"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107383",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32148",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32148",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53423",
          "url": "https://go.dev/issue/53423"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working"
    },
    {
      "cve": "CVE-2022-32189",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-08-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2113814"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "RHBZ#2113814",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53871",
          "url": "https://go.dev/issue/53871"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
          "url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
        }
      ],
      "release_date": "2022-08-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
    },
    {
      "cve": "CVE-2022-32190",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2022-09-06T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2124668"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-32190"
        },
        {
          "category": "external",
          "summary": "RHBZ#2124668",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/54385",
          "url": "https://go.dev/issue/54385"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
          "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
        }
      ],
      "release_date": "2022-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
    },
    {
      "cve": "CVE-2022-35957",
      "cwe": {
        "id": "CWE-288",
        "name": "Authentication Bypass Using an Alternate Path or Channel"
      },
      "discovery_date": "2022-09-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2125514"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the grafana package. Auth proxy allows authentication of a user by only providing the username (or email) in an X-WEBAUTH-USER HTTP header. The trust assumption is that a front proxy will take care of authentication and that the Grafana server is only publicly reachable with this front proxy.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: Escalation from admin to server admin when auth proxy is used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-35957"
        },
        {
          "category": "external",
          "summary": "RHBZ#2125514",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2125514"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-35957",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-35957"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35957",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35957"
        },
        {
          "category": "external",
          "summary": "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q",
          "url": "https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q"
        }
      ],
      "release_date": "2022-09-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: Escalation from admin to server admin when auth proxy is used"
    },
    {
      "cve": "CVE-2022-39201",
      "discovery_date": "2022-09-30T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2131148"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Grafana. The vulnerability impacts data source and plugin proxy endpoints under certain conditions. Grafana could leak the authentication cookie of users to plugins, which could result in an impact to confidentiality, integrity, and availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-39201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2131148",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131148"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-39201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-39201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39201"
        }
      ],
      "release_date": "2022-10-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins"
    },
    {
      "cve": "CVE-2022-39229",
      "discovery_date": "2022-09-30T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2131149"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Grafana web application. When a user logs into the system, either the username or email address can be used. However, the login system allows both a username and connected email to be registered, which could allow an attacker to prevent a user which has an associated email address access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: using email as a username can block other users from signing in",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-39229"
        },
        {
          "category": "external",
          "summary": "RHBZ#2131149",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2131149"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-39229",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-39229"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39229",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39229"
        }
      ],
      "release_date": "2022-10-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: using email as a username can block other users from signing in"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Grafana Team"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-39306",
      "cwe": {
        "id": "CWE-303",
        "name": "Incorrect Implementation of Authentication Algorithm"
      },
      "discovery_date": "2022-10-26T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2138014"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An authentication bypass flaw was discovered in Grafana. This issue could allow a remote unauthenticated attacker to create an account and provide access to a certain organization, which can be exploited by gaining access to the signup link. The highest impacts to the system are confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: email addresses and usernames cannot be trusted",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-39306"
        },
        {
          "category": "external",
          "summary": "RHBZ#2138014",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138014"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-39306",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-39306"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39306",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39306"
        },
        {
          "category": "external",
          "summary": "https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/",
          "url": "https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/"
        }
      ],
      "release_date": "2022-11-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: email addresses and usernames cannot be trusted"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Grafana Team"
          ]
        }
      ],
      "cve": "CVE-2022-39307",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "discovery_date": "2022-10-26T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2138015"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An information leak was discovered in Grafana. Remote unauthenticated users could exploit the forget password feature to discover which user accounts exist.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: User enumeration via forget password",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-39307"
        },
        {
          "category": "external",
          "summary": "RHBZ#2138015",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2138015"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-39307",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-39307"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39307",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39307"
        },
        {
          "category": "external",
          "summary": "https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/",
          "url": "https://grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/"
        }
      ],
      "release_date": "2022-11-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: User enumeration via forget password"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Grafana Security Team"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2022-39324",
      "cwe": {
        "id": "CWE-472",
        "name": "External Control of Assumed-Immutable Web Parameter"
      },
      "discovery_date": "2022-11-24T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2148252"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the grafana package. While creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the \"Open original dashboard\" button.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "grafana: Spoofing of the originalUrl parameter of snapshots",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift Service Mesh containers include the Grafana RPM from RHEL and consume CVE fixes for Grafana from RHEL channels. The servicemesh-grafana RPM shipped in early versions of OpenShift Service Mesh 2.1 is no longer maintained.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-39324"
        },
        {
          "category": "external",
          "summary": "RHBZ#2148252",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148252"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-39324",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-39324"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39324",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39324"
        },
        {
          "category": "external",
          "summary": "https://grafana.com/blog/2023/01/25/grafana-security-releases-new-versions-with-fixes-for-cve-2022-23552-cve-2022-41912-and-cve-2022-39324/",
          "url": "https://grafana.com/blog/2023/01/25/grafana-security-releases-new-versions-with-fixes-for-cve-2022-23552-cve-2022-41912-and-cve-2022-39324/"
        }
      ],
      "release_date": "2023-01-30T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "grafana: Spoofing of the originalUrl parameter of snapshots"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Adam Korczynski"
          ],
          "organization": "ADA Logics"
        },
        {
          "names": [
            "OSS-Fuzz"
          ]
        }
      ],
      "cve": "CVE-2022-41715",
      "discovery_date": "2022-10-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2132872"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: regexp/syntax: limit memory used by parsing regexps",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "RHBZ#2132872",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/go/issues/55949",
          "url": "https://github.com/golang/go/issues/55949"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
          "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
        }
      ],
      "release_date": "2022-10-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: regexp/syntax: limit memory used by parsing regexps"
    },
    {
      "cve": "CVE-2022-41912",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2022-11-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2149181"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An authentication bypass flaw was discovered in the crewjam/saml go package. A remote unauthenticated attacker could trigger it by sending a SAML request. This would allow an escalation of privileges and then enable  compromising system integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Whilst the Red Hat Advanced Cluster Management for Kubernetes (RHACM) acm-grafana container include the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Therefore the impact by this flaw is reduced from Critical to Important.\n\nThe OCP grafana-container includes the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Therefore the impact by this flaw is reduced from Critical to Important.\n\nWhile Red Hat Ceph Storage 4\u0027s grafana-container includes the affected code, this is used for logging and limits access to the rest of the Ceph cluster. Thus the impact has been reduced from critical to important. Red Hat Ceph Storage 3 and 4 do not use crewjam/saml in their version of grafana.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
        ],
        "known_not_affected": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-41912"
        },
        {
          "category": "external",
          "summary": "RHBZ#2149181",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2149181"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41912",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-41912"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41912",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41912"
        },
        {
          "category": "external",
          "summary": "https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g",
          "url": "https://github.com/crewjam/saml/security/advisories/GHSA-j2jp-wvqg-wc2g"
        }
      ],
      "release_date": "2022-11-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T15:59:41+00:00",
          "details": "For details on how to apply this update, see Upgrade a Red Hat Ceph Storage\ncluster using cephadm in the Red Hat Storage Ceph Upgrade\nGuide.(https://access.redhat.com/documentation/en-us/red_hat_ceph_storage)",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:2ae4274163155d880cbd41d1a197d6856f326501a50e028ff3de9ff8a85b3e97_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:36abd2b22ebabea813c5afde35b0b80a200056f811267e89f0270da9155b1a22_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:b21d882fd2d08d6f162dbb63e0626d9d6aa892a677c5a28edc97b84feef1655a_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:1d7ca201b778e6a6cb559129e240233b6b6461399c67f979c07d5fe288c400f6_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:3fb7480f9d68333e168eae0c9fbeceb0df7962a40c25ecced81ea4c4959b2c25_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:50329da263e8ef00c47632156761621bac30fead5e574ef23cd1d30b7af0019a_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:72bd6eb932a368af10d5c607d8b60e0fe8b87862f4adaa17fd022a3427a46ca8_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:953630d9f9924f17ab7ce168772c3facbaf6866b79a1cf0fb9aee1dcf6eb8c7d_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:9b477366f861df49b533d95941b9770b032827bb4a259c5f86abce8705960c05_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:720b3207087d4feb8ab59ffd0b70d6bc22fa21d53b62393779dfaf8972a32e60_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:8cc4a146d7be5046b416fe9c04d77b4f0a25a2ab7180fdbf8c46cff8e2483080_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e4da2c9d53159d43c6795151eb3c9dea373da19b34d76094b60e7a2466415d62_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44697ad0d15d1f37b98243f5f013cb9271d70e2b10ab52093a1d7e3409a674b2_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b46c0196fab3bd3a60b64a1d7ff8af6fbc7c3e526618da1cc78032bffa3be171_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:f52fd8d5fbfdcc202c5e31096119377a8b87f9efd31602398d45cec86ec35940_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:8887234fbbaddf620eaa7b0f4b1ed6ab8aa5bc52e019e67179554ccd03fba676_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:9078b49846d8ec681bec5b96f0d4087b4c66bdc6baf4701cfc9c8e8aeae89661_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:df7c89608fe8352d445efcc1017521b35878cfe61a8b9fd91fab24c00786b2bf_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements"
    }
  ]
}

SUSE-SU-2022:1829-1

Vulnerability from csaf_suse - Published: 2022-05-24 08:58 - Updated: 2022-05-24 08:58

Summary

Security update for go1.18

Severity

Moderate

Notes

Title of the patch: Security update for go1.18

Description of the patch: This update for go1.18 fixes the following issues: - CVE-2022-29526: Fixed faccessat() system call operation that checked the wrong group (bsc#1199413). - go1.18.2 (released 2022-05-10) (bsc#1193742).

Patchnames: SUSE-2022-1829,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1829,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1829,openSUSE-SLE-15.3-2022-1829,openSUSE-SLE-15.4-2022-1829

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 40 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

9 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1193742	self
https://bugzilla.suse.com/1199413	self
https://www.suse.com/security/cve/CVE-2022-29526/	self
https://www.suse.com/security/cve/CVE-2022-29526	external
https://bugzilla.suse.com/1199413	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.18",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.18 fixes the following issues:\n\n- CVE-2022-29526: Fixed faccessat() system call operation that checked the wrong group (bsc#1199413).\n\n- go1.18.2 (released 2022-05-10) (bsc#1193742).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1829,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1829,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1829,openSUSE-SLE-15.3-2022-1829,openSUSE-SLE-15.4-2022-1829",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1829-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1829-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221829-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1829-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011146.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193742",
        "url": "https://bugzilla.suse.com/1193742"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199413",
        "url": "https://bugzilla.suse.com/1199413"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29526 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29526/"
      }
    ],
    "title": "Security update for go1.18",
    "tracking": {
      "current_release_date": "2022-05-24T08:58:14Z",
      "generator": {
        "date": "2022-05-24T08:58:14Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1829-1",
      "initial_release_date": "2022-05-24T08:58:14Z",
      "revision_history": [
        {
          "date": "2022-05-24T08:58:14Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-1.18.2-150000.1.17.1.aarch64",
                "product": {
                  "name": "go1.18-1.18.2-150000.1.17.1.aarch64",
                  "product_id": "go1.18-1.18.2-150000.1.17.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-doc-1.18.2-150000.1.17.1.aarch64",
                "product": {
                  "name": "go1.18-doc-1.18.2-150000.1.17.1.aarch64",
                  "product_id": "go1.18-doc-1.18.2-150000.1.17.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-race-1.18.2-150000.1.17.1.aarch64",
                "product": {
                  "name": "go1.18-race-1.18.2-150000.1.17.1.aarch64",
                  "product_id": "go1.18-race-1.18.2-150000.1.17.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-1.18.2-150000.1.17.1.i586",
                "product": {
                  "name": "go1.18-1.18.2-150000.1.17.1.i586",
                  "product_id": "go1.18-1.18.2-150000.1.17.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-doc-1.18.2-150000.1.17.1.i586",
                "product": {
                  "name": "go1.18-doc-1.18.2-150000.1.17.1.i586",
                  "product_id": "go1.18-doc-1.18.2-150000.1.17.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-1.18.2-150000.1.17.1.ppc64le",
                "product": {
                  "name": "go1.18-1.18.2-150000.1.17.1.ppc64le",
                  "product_id": "go1.18-1.18.2-150000.1.17.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
                "product": {
                  "name": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
                  "product_id": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-1.18.2-150000.1.17.1.s390x",
                "product": {
                  "name": "go1.18-1.18.2-150000.1.17.1.s390x",
                  "product_id": "go1.18-1.18.2-150000.1.17.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-doc-1.18.2-150000.1.17.1.s390x",
                "product": {
                  "name": "go1.18-doc-1.18.2-150000.1.17.1.s390x",
                  "product_id": "go1.18-doc-1.18.2-150000.1.17.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-1.18.2-150000.1.17.1.x86_64",
                "product": {
                  "name": "go1.18-1.18.2-150000.1.17.1.x86_64",
                  "product_id": "go1.18-1.18.2-150000.1.17.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-doc-1.18.2-150000.1.17.1.x86_64",
                "product": {
                  "name": "go1.18-doc-1.18.2-150000.1.17.1.x86_64",
                  "product_id": "go1.18-doc-1.18.2-150000.1.17.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-race-1.18.2-150000.1.17.1.x86_64",
                "product": {
                  "name": "go1.18-race-1.18.2-150000.1.17.1.x86_64",
                  "product_id": "go1.18-race-1.18.2-150000.1.17.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-1.18.2-150000.1.17.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.s390x"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-doc-1.18.2-150000.1.17.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-doc-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.aarch64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-race-1.18.2-150000.1.17.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.x86_64"
        },
        "product_reference": "go1.18-race-1.18.2-150000.1.17.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-29526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.x86_64",
          "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.aarch64",
          "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.ppc64le",
          "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.s390x",
          "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.x86_64",
          "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
          "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
          "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.s390x",
          "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
          "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.aarch64",
          "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.x86_64",
          "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.aarch64",
          "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.s390x",
          "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.x86_64",
          "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
          "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.s390x",
          "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
          "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.aarch64",
          "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29526",
          "url": "https://www.suse.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199413 for CVE-2022-29526",
          "url": "https://bugzilla.suse.com/1199413"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-race-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-race-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.3:go1.18-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.3:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.3:go1.18-race-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.4:go1.18-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.s390x",
            "openSUSE Leap 15.4:go1.18-doc-1.18.2-150000.1.17.1.x86_64",
            "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.aarch64",
            "openSUSE Leap 15.4:go1.18-race-1.18.2-150000.1.17.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-05-24T08:58:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29526"
    }
  ]
}

SUSE-SU-2022:1862-1

Vulnerability from csaf_suse - Published: 2022-05-26 10:41 - Updated: 2022-05-26 10:41

Summary

Security update for go1.17

Severity

Moderate

Notes

Title of the patch: Security update for go1.17

Description of the patch: This update for go1.17 fixes the following issues: - CVE-2022-29526: Fixed faccessat() system call operation that checked the wrong group (bsc#1199413). - go1.17.10 (released 2022-05-10) (bsc#1190649).

Patchnames: SUSE-2022-1862,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1862,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1862,openSUSE-SLE-15.3-2022-1862,openSUSE-SLE-15.4-2022-1862

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 42 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.i586	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.i586	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

9 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1190649	self
https://bugzilla.suse.com/1199413	self
https://www.suse.com/security/cve/CVE-2022-29526/	self
https://www.suse.com/security/cve/CVE-2022-29526	external
https://bugzilla.suse.com/1199413	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.17",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.17 fixes the following issues:\n\n- CVE-2022-29526: Fixed faccessat() system call operation that checked the wrong group (bsc#1199413).\n\n- go1.17.10 (released 2022-05-10) (bsc#1190649).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-1862,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1862,SUSE-SLE-Module-Development-Tools-15-SP4-2022-1862,openSUSE-SLE-15.3-2022-1862,openSUSE-SLE-15.4-2022-1862",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1862-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:1862-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221862-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:1862-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011167.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190649",
        "url": "https://bugzilla.suse.com/1190649"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199413",
        "url": "https://bugzilla.suse.com/1199413"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29526 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29526/"
      }
    ],
    "title": "Security update for go1.17",
    "tracking": {
      "current_release_date": "2022-05-26T10:41:55Z",
      "generator": {
        "date": "2022-05-26T10:41:55Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:1862-1",
      "initial_release_date": "2022-05-26T10:41:55Z",
      "revision_history": [
        {
          "date": "2022-05-26T10:41:55Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.17-1.17.10-150000.1.34.1.aarch64",
                "product": {
                  "name": "go1.17-1.17.10-150000.1.34.1.aarch64",
                  "product_id": "go1.17-1.17.10-150000.1.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-doc-1.17.10-150000.1.34.1.aarch64",
                "product": {
                  "name": "go1.17-doc-1.17.10-150000.1.34.1.aarch64",
                  "product_id": "go1.17-doc-1.17.10-150000.1.34.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-race-1.17.10-150000.1.34.1.aarch64",
                "product": {
                  "name": "go1.17-race-1.17.10-150000.1.34.1.aarch64",
                  "product_id": "go1.17-race-1.17.10-150000.1.34.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.17-1.17.10-150000.1.34.1.i586",
                "product": {
                  "name": "go1.17-1.17.10-150000.1.34.1.i586",
                  "product_id": "go1.17-1.17.10-150000.1.34.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-doc-1.17.10-150000.1.34.1.i586",
                "product": {
                  "name": "go1.17-doc-1.17.10-150000.1.34.1.i586",
                  "product_id": "go1.17-doc-1.17.10-150000.1.34.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.17-1.17.10-150000.1.34.1.ppc64le",
                "product": {
                  "name": "go1.17-1.17.10-150000.1.34.1.ppc64le",
                  "product_id": "go1.17-1.17.10-150000.1.34.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
                "product": {
                  "name": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
                  "product_id": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.17-1.17.10-150000.1.34.1.s390x",
                "product": {
                  "name": "go1.17-1.17.10-150000.1.34.1.s390x",
                  "product_id": "go1.17-1.17.10-150000.1.34.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-doc-1.17.10-150000.1.34.1.s390x",
                "product": {
                  "name": "go1.17-doc-1.17.10-150000.1.34.1.s390x",
                  "product_id": "go1.17-doc-1.17.10-150000.1.34.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.17-1.17.10-150000.1.34.1.x86_64",
                "product": {
                  "name": "go1.17-1.17.10-150000.1.34.1.x86_64",
                  "product_id": "go1.17-1.17.10-150000.1.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-doc-1.17.10-150000.1.34.1.x86_64",
                "product": {
                  "name": "go1.17-doc-1.17.10-150000.1.34.1.x86_64",
                  "product_id": "go1.17-doc-1.17.10-150000.1.34.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.17-race-1.17.10-150000.1.34.1.x86_64",
                "product": {
                  "name": "go1.17-race-1.17.10-150000.1.34.1.x86_64",
                  "product_id": "go1.17-race-1.17.10-150000.1.34.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.3",
                "product": {
                  "name": "openSUSE Leap 15.3",
                  "product_id": "openSUSE Leap 15.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.i586 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.i586"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.i586 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.i586"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.s390x as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.aarch64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.x86_64 as component of openSUSE Leap 15.3",
          "product_id": "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-1.17.10-150000.1.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.s390x"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-doc-1.17.10-150000.1.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-doc-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.aarch64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.17-race-1.17.10-150000.1.34.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.x86_64"
        },
        "product_reference": "go1.17-race-1.17.10-150000.1.34.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-29526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.x86_64",
          "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.aarch64",
          "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.i586",
          "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.ppc64le",
          "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.s390x",
          "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.x86_64",
          "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
          "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.i586",
          "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
          "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.s390x",
          "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
          "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.aarch64",
          "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.x86_64",
          "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.aarch64",
          "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.ppc64le",
          "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.s390x",
          "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.x86_64",
          "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
          "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
          "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.s390x",
          "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
          "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.aarch64",
          "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29526",
          "url": "https://www.suse.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199413 for CVE-2022-29526",
          "url": "https://bugzilla.suse.com/1199413"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.i586",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.i586",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.17-race-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.i586",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.3:go1.17-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.i586",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.3:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.3:go1.17-race-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.4:go1.17-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.ppc64le",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.s390x",
            "openSUSE Leap 15.4:go1.17-doc-1.17.10-150000.1.34.1.x86_64",
            "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.aarch64",
            "openSUSE Leap 15.4:go1.17-race-1.17.10-150000.1.34.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-05-26T10:41:55Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29526"
    }
  ]
}

SUSE-SU-2023:2312-1

Vulnerability from csaf_suse - Published: 2023-05-30 06:54 - Updated: 2023-05-30 06:54

Summary

Security update for go1.18-openssl

Severity

Important

Notes

Title of the patch: Security update for go1.18-openssl

Description of the patch: This update for go1.18-openssl fixes the following issues: - Add subpackage go1.x-libstd compiled shared object libstd.so (jsc#PED-1962) * Main go1.x package included libstd.so in previous versions * Split libstd.so into subpackage that can be installed standalone * Continues the slimming down of main go1.x package by 40 Mb * Experimental and not recommended for general use, Go currently has no ABI * Upstream Go has not committed to support buildmode=shared long-term * Do not use in packaging, build static single binaries (the default) * Upstream Go go1.x binary releases do not include libstd.so * go1.x Suggests go1.x-libstd so not installed by default Recommends * go1.x-libstd does not Require: go1.x so can install standalone * Provides go-libstd unversioned package name * Fix build step -buildmode=shared std to omit -linkshared - Packaging improvements: * go1.x Suggests go1.x-doc so not installed by default Recommends * Use Group: Development/Languages/Go instead of Other - Improvements to go1.x packaging spec: * On Tumbleweed bootstrap with current default gcc13 and gccgo118 * On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap using go1.x package (%bcond_without gccgo). This is no longer needed on current SLE-12:Update and removing will consolidate the build configurations used. * Change source URLs to go.dev as per Go upstream * On x86_64 export GOAMD64=v1 as per the current baseline. At this time forgo GOAMD64=v3 option for x86_64_v3 support. * On x86_64 %define go_amd64=v1 as current instruction baseline - Update to version 1.18.10.1 cut from the go1.18-openssl-fips branch at the revision tagged go1.18.10-1-openssl-fips. * Merge branch dev.boringcrypto.go1.18 into go1.18-openssl-fips * Merge go1.18.10 into dev.boringcrypto.go1.18 - go1.18.10 (released 2023-01-10) includes fixes to cgo, the compiler, the linker, and the crypto/x509, net/http, and syscall packages. Refs bsc#1193742 go1.18 release tracking * go#57705 misc/cgo: backport needed for dlltool fix * go#57426 crypto/x509: Verify on macOS does not return typed errors * go#57344 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its 'old' argument. * go#57338 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices * go#57213 os: TestLstat failure on Linux Aarch64 * go#57211 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length * go#57057 cmd/go: remove test dependency on gopkg.in service * go#57054 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders * go#57044 cgo: malformed DWARF TagVariable entry * go#57028 cmd/cgo: Wrong types in compiler errors with clang 14 * go#56833 cmd/link/internal/ppc64: too-far trampoline is reused * go#56711 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target * go#56323 net/http: bad handling of HEAD requests with a body

Patchnames: SUSE-2023-2312,SUSE-SLE-Module-Development-Tools-15-SP4-2023-2312,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2312,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-RT-15-SP3-2023-2312,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2312,SUSE-Storage-7.1-2023-2312,openSUSE-SLE-15.4-2023-2312,openSUSE-SLE-15.5-2023-2312

CVE-2022-1705

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-1962

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-24675

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-27536

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-27664

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-28131

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-28327

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-2879

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-2880

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-29526

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-29804

4.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30580

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-30629

3.7 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30630

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30631

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30632

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30633

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30634

2.9 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-30635

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-32148

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-32189

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-41715

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-41716

0 (None)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-41717

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-41720

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-41723

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-41724

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2022-41725

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 66 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

123 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1183043	self
https://bugzilla.suse.com/1193742	self
https://bugzilla.suse.com/1198423	self
https://bugzilla.suse.com/1198424	self
https://bugzilla.suse.com/1198427	self
https://bugzilla.suse.com/1199413	self
https://bugzilla.suse.com/1200134	self
https://bugzilla.suse.com/1200135	self
https://bugzilla.suse.com/1200136	self
https://bugzilla.suse.com/1200137	self
https://bugzilla.suse.com/1201434	self
https://bugzilla.suse.com/1201436	self
https://bugzilla.suse.com/1201437	self
https://bugzilla.suse.com/1201440	self
https://bugzilla.suse.com/1201443	self
https://bugzilla.suse.com/1201444	self
https://bugzilla.suse.com/1201445	self
https://bugzilla.suse.com/1201447	self
https://bugzilla.suse.com/1201448	self
https://bugzilla.suse.com/1202035	self
https://bugzilla.suse.com/1203185	self
https://bugzilla.suse.com/1204023	self
https://bugzilla.suse.com/1204024	self
https://bugzilla.suse.com/1204025	self
https://bugzilla.suse.com/1204941	self
https://bugzilla.suse.com/1206134	self
https://bugzilla.suse.com/1206135	self
https://bugzilla.suse.com/1208270	self
https://bugzilla.suse.com/1208271	self
https://bugzilla.suse.com/1208272	self
https://bugzilla.suse.com/1208491	self
https://www.suse.com/security/cve/CVE-2022-1705/	self
https://www.suse.com/security/cve/CVE-2022-1962/	self
https://www.suse.com/security/cve/CVE-2022-24675/	self
https://www.suse.com/security/cve/CVE-2022-27536/	self
https://www.suse.com/security/cve/CVE-2022-27664/	self
https://www.suse.com/security/cve/CVE-2022-28131/	self
https://www.suse.com/security/cve/CVE-2022-28327/	self
https://www.suse.com/security/cve/CVE-2022-2879/	self
https://www.suse.com/security/cve/CVE-2022-2880/	self
https://www.suse.com/security/cve/CVE-2022-29526/	self
https://www.suse.com/security/cve/CVE-2022-29804/	self
https://www.suse.com/security/cve/CVE-2022-30580/	self
https://www.suse.com/security/cve/CVE-2022-30629/	self
https://www.suse.com/security/cve/CVE-2022-30630/	self
https://www.suse.com/security/cve/CVE-2022-30631/	self
https://www.suse.com/security/cve/CVE-2022-30632/	self
https://www.suse.com/security/cve/CVE-2022-30633/	self
https://www.suse.com/security/cve/CVE-2022-30634/	self
https://www.suse.com/security/cve/CVE-2022-30635/	self
https://www.suse.com/security/cve/CVE-2022-32148/	self
https://www.suse.com/security/cve/CVE-2022-32189/	self
https://www.suse.com/security/cve/CVE-2022-41715/	self
https://www.suse.com/security/cve/CVE-2022-41716/	self
https://www.suse.com/security/cve/CVE-2022-41717/	self
https://www.suse.com/security/cve/CVE-2022-41720/	self
https://www.suse.com/security/cve/CVE-2022-41723/	self
https://www.suse.com/security/cve/CVE-2022-41724/	self
https://www.suse.com/security/cve/CVE-2022-41725/	self
https://www.suse.com/security/cve/CVE-2022-1705	external
https://bugzilla.suse.com/1201434	external
https://www.suse.com/security/cve/CVE-2022-1962	external
https://bugzilla.suse.com/1201448	external
https://www.suse.com/security/cve/CVE-2022-24675	external
https://bugzilla.suse.com/1198423	external
https://www.suse.com/security/cve/CVE-2022-27536	external
https://bugzilla.suse.com/1198427	external
https://www.suse.com/security/cve/CVE-2022-27664	external
https://bugzilla.suse.com/1203185	external
https://bugzilla.suse.com/1203293	external
https://www.suse.com/security/cve/CVE-2022-28131	external
https://bugzilla.suse.com/1201443	external
https://www.suse.com/security/cve/CVE-2022-28327	external
https://bugzilla.suse.com/1198424	external
https://www.suse.com/security/cve/CVE-2022-2879	external
https://bugzilla.suse.com/1204024	external
https://www.suse.com/security/cve/CVE-2022-2880	external
https://bugzilla.suse.com/1204025	external
https://bugzilla.suse.com/1204076	external
https://www.suse.com/security/cve/CVE-2022-29526	external
https://bugzilla.suse.com/1199413	external
https://www.suse.com/security/cve/CVE-2022-29804	external
https://bugzilla.suse.com/1200137	external
https://www.suse.com/security/cve/CVE-2022-30580	external
https://bugzilla.suse.com/1200136	external
https://www.suse.com/security/cve/CVE-2022-30629	external
https://bugzilla.suse.com/1200135	external
https://www.suse.com/security/cve/CVE-2022-30630	external
https://bugzilla.suse.com/1201447	external
https://www.suse.com/security/cve/CVE-2022-30631	external
https://bugzilla.suse.com/1201437	external
https://www.suse.com/security/cve/CVE-2022-30632	external
https://bugzilla.suse.com/1201445	external
https://www.suse.com/security/cve/CVE-2022-30633	external
https://bugzilla.suse.com/1201440	external
https://www.suse.com/security/cve/CVE-2022-30634	external
https://bugzilla.suse.com/1200134	external
https://www.suse.com/security/cve/CVE-2022-30635	external
https://bugzilla.suse.com/1201444	external
https://www.suse.com/security/cve/CVE-2022-32148	external
https://bugzilla.suse.com/1201436	external
https://www.suse.com/security/cve/CVE-2022-32189	external
https://bugzilla.suse.com/1202035	external
https://www.suse.com/security/cve/CVE-2022-41715	external
https://bugzilla.suse.com/1204023	external
https://bugzilla.suse.com/1208441	external
https://www.suse.com/security/cve/CVE-2022-41716	external
https://bugzilla.suse.com/1204941	external
https://www.suse.com/security/cve/CVE-2022-41717	external
https://bugzilla.suse.com/1206135	external
https://www.suse.com/security/cve/CVE-2022-41720	external
https://bugzilla.suse.com/1206134	external
https://www.suse.com/security/cve/CVE-2022-41723	external
https://bugzilla.suse.com/1208270	external
https://bugzilla.suse.com/1215588	external
https://www.suse.com/security/cve/CVE-2022-41724	external
https://bugzilla.suse.com/1208271	external
https://www.suse.com/security/cve/CVE-2022-41725	external
https://bugzilla.suse.com/1208272	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.18-openssl",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.18-openssl fixes the following issues:\n\n- Add subpackage go1.x-libstd compiled shared object libstd.so (jsc#PED-1962)\n  * Main go1.x package included libstd.so in previous versions\n  * Split libstd.so into subpackage that can be installed standalone\n  * Continues the slimming down of main go1.x package by 40 Mb\n  * Experimental and not recommended for general use, Go currently has no ABI\n  * Upstream Go has not committed to support buildmode=shared long-term\n  * Do not use in packaging, build static single binaries (the default)\n  * Upstream Go go1.x binary releases do not include libstd.so\n  * go1.x Suggests go1.x-libstd so not installed by default Recommends\n  * go1.x-libstd does not Require: go1.x so can install standalone\n  * Provides go-libstd unversioned package name\n  * Fix build step -buildmode=shared std to omit -linkshared\n- Packaging improvements:\n  * go1.x Suggests go1.x-doc so not installed by default Recommends\n  * Use Group: Development/Languages/Go instead of Other\n\n- Improvements to go1.x packaging spec:\n  * On Tumbleweed bootstrap with current default gcc13 and gccgo118\n  * On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap\n    using go1.x package (%bcond_without gccgo). This is no longer\n    needed on current SLE-12:Update and removing will consolidate\n    the build configurations used.\n  * Change source URLs to go.dev as per Go upstream\n  * On x86_64 export GOAMD64=v1 as per the current baseline.\n    At this time forgo GOAMD64=v3 option for x86_64_v3 support.\n  * On x86_64 %define go_amd64=v1 as current instruction baseline\n\n- Update to version 1.18.10.1 cut from the go1.18-openssl-fips\n  branch at the revision tagged go1.18.10-1-openssl-fips.\n  * Merge branch dev.boringcrypto.go1.18 into go1.18-openssl-fips\n  * Merge go1.18.10 into dev.boringcrypto.go1.18\n\n- go1.18.10 (released 2023-01-10) includes fixes to cgo, the\n  compiler, the linker, and the crypto/x509, net/http, and syscall\n  packages.\n  Refs bsc#1193742 go1.18 release tracking\n  * go#57705 misc/cgo: backport needed for dlltool fix\n  * go#57426 crypto/x509: Verify on macOS does not return typed errors\n  * go#57344 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its \u0027old\u0027 argument.\n  * go#57338 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices\n  * go#57213 os: TestLstat failure on Linux Aarch64\n  * go#57211 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length\n  * go#57057 cmd/go: remove test dependency on gopkg.in service\n  * go#57054 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders\n  * go#57044 cgo: malformed DWARF TagVariable entry\n  * go#57028 cmd/cgo: Wrong types in compiler errors with clang 14\n  * go#56833 cmd/link/internal/ppc64: too-far trampoline is reused\n  * go#56711 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target\n  * go#56323 net/http: bad handling of HEAD requests with a body\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-2312,SUSE-SLE-Module-Development-Tools-15-SP4-2023-2312,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2312,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-RT-15-SP3-2023-2312,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2312,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2312,SUSE-Storage-7.1-2023-2312,openSUSE-SLE-15.4-2023-2312,openSUSE-SLE-15.5-2023-2312",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2312-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:2312-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232312-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:2312-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/015005.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1183043",
        "url": "https://bugzilla.suse.com/1183043"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1193742",
        "url": "https://bugzilla.suse.com/1193742"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198423",
        "url": "https://bugzilla.suse.com/1198423"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198424",
        "url": "https://bugzilla.suse.com/1198424"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1198427",
        "url": "https://bugzilla.suse.com/1198427"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1199413",
        "url": "https://bugzilla.suse.com/1199413"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200134",
        "url": "https://bugzilla.suse.com/1200134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200135",
        "url": "https://bugzilla.suse.com/1200135"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200136",
        "url": "https://bugzilla.suse.com/1200136"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1200137",
        "url": "https://bugzilla.suse.com/1200137"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201434",
        "url": "https://bugzilla.suse.com/1201434"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201436",
        "url": "https://bugzilla.suse.com/1201436"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201437",
        "url": "https://bugzilla.suse.com/1201437"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201440",
        "url": "https://bugzilla.suse.com/1201440"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201443",
        "url": "https://bugzilla.suse.com/1201443"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201444",
        "url": "https://bugzilla.suse.com/1201444"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201445",
        "url": "https://bugzilla.suse.com/1201445"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201447",
        "url": "https://bugzilla.suse.com/1201447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1201448",
        "url": "https://bugzilla.suse.com/1201448"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1202035",
        "url": "https://bugzilla.suse.com/1202035"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1203185",
        "url": "https://bugzilla.suse.com/1203185"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1204023",
        "url": "https://bugzilla.suse.com/1204023"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1204024",
        "url": "https://bugzilla.suse.com/1204024"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1204025",
        "url": "https://bugzilla.suse.com/1204025"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1204941",
        "url": "https://bugzilla.suse.com/1204941"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1206134",
        "url": "https://bugzilla.suse.com/1206134"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1206135",
        "url": "https://bugzilla.suse.com/1206135"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1208270",
        "url": "https://bugzilla.suse.com/1208270"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1208271",
        "url": "https://bugzilla.suse.com/1208271"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1208272",
        "url": "https://bugzilla.suse.com/1208272"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1208491",
        "url": "https://bugzilla.suse.com/1208491"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1705 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1705/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-1962 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-1962/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-24675 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-24675/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-27536 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-27536/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-27664 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-27664/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28131 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28131/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-28327 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-28327/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2879 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2879/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-2880 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-2880/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29526 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29526/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-29804 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-29804/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30580 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30580/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30629 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30629/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30630 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30630/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30631 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30631/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30632 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30632/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30633 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30633/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30634 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30634/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-30635 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-30635/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-32148 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-32148/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-32189 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-32189/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41715 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41715/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41716 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41716/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41717 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41717/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41720 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41720/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41723 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41723/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41724 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41724/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-41725 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-41725/"
      }
    ],
    "title": "Security update for go1.18-openssl",
    "tracking": {
      "current_release_date": "2023-05-30T06:54:51Z",
      "generator": {
        "date": "2023-05-30T06:54:51Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:2312-1",
      "initial_release_date": "2023-05-30T06:54:51Z",
      "revision_history": [
        {
          "date": "2023-05-30T06:54:51Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
                "product": {
                  "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
                  "product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
                "product": {
                  "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
                  "product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
                "product": {
                  "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
                  "product_id": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.i586",
                "product": {
                  "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.i586",
                  "product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.i586",
                "product": {
                  "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.i586",
                  "product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
                "product": {
                  "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
                  "product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
                "product": {
                  "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
                  "product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
                "product": {
                  "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
                  "product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
                "product": {
                  "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
                  "product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
                "product": {
                  "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
                  "product_id": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
                "product": {
                  "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
                  "product_id": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
                "product": {
                  "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
                  "product_id": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Real Time 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Real Time 15 SP3",
                  "product_id": "SUSE Linux Enterprise Real Time 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_rt:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7.1",
                "product": {
                  "name": "SUSE Enterprise Storage 7.1",
                  "product_id": "SUSE Enterprise Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
          "product_id": "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        },
        "product_reference": "go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-1705",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1705"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1705",
          "url": "https://www.suse.com/security/cve/CVE-2022-1705"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201434 for CVE-2022-1705",
          "url": "https://bugzilla.suse.com/1201434"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1705"
    },
    {
      "cve": "CVE-2022-1962",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-1962"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-1962",
          "url": "https://www.suse.com/security/cve/CVE-2022-1962"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201448 for CVE-2022-1962",
          "url": "https://bugzilla.suse.com/1201448"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-1962"
    },
    {
      "cve": "CVE-2022-24675",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-24675"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-24675",
          "url": "https://www.suse.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198423 for CVE-2022-24675",
          "url": "https://bugzilla.suse.com/1198423"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-24675"
    },
    {
      "cve": "CVE-2022-27536",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-27536"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-27536",
          "url": "https://www.suse.com/security/cve/CVE-2022-27536"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198427 for CVE-2022-27536",
          "url": "https://bugzilla.suse.com/1198427"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-27536"
    },
    {
      "cve": "CVE-2022-27664",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-27664"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-27664",
          "url": "https://www.suse.com/security/cve/CVE-2022-27664"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203185 for CVE-2022-27664",
          "url": "https://bugzilla.suse.com/1203185"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1203293 for CVE-2022-27664",
          "url": "https://bugzilla.suse.com/1203293"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-27664"
    },
    {
      "cve": "CVE-2022-28131",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28131"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28131",
          "url": "https://www.suse.com/security/cve/CVE-2022-28131"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201443 for CVE-2022-28131",
          "url": "https://bugzilla.suse.com/1201443"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-28131"
    },
    {
      "cve": "CVE-2022-28327",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-28327"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-28327",
          "url": "https://www.suse.com/security/cve/CVE-2022-28327"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1198424 for CVE-2022-28327",
          "url": "https://bugzilla.suse.com/1198424"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-28327"
    },
    {
      "cve": "CVE-2022-2879",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2879"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2879",
          "url": "https://www.suse.com/security/cve/CVE-2022-2879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204024 for CVE-2022-2879",
          "url": "https://bugzilla.suse.com/1204024"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-2879"
    },
    {
      "cve": "CVE-2022-2880",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-2880"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-2880",
          "url": "https://www.suse.com/security/cve/CVE-2022-2880"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204025 for CVE-2022-2880",
          "url": "https://bugzilla.suse.com/1204025"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204076 for CVE-2022-2880",
          "url": "https://bugzilla.suse.com/1204076"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-2880"
    },
    {
      "cve": "CVE-2022-29526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29526",
          "url": "https://www.suse.com/security/cve/CVE-2022-29526"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1199413 for CVE-2022-29526",
          "url": "https://bugzilla.suse.com/1199413"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29526"
    },
    {
      "cve": "CVE-2022-29804",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-29804"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-29804",
          "url": "https://www.suse.com/security/cve/CVE-2022-29804"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200137 for CVE-2022-29804",
          "url": "https://bugzilla.suse.com/1200137"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-29804"
    },
    {
      "cve": "CVE-2022-30580",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30580"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either \"..com\" or \"..exe\" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30580",
          "url": "https://www.suse.com/security/cve/CVE-2022-30580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200136 for CVE-2022-30580",
          "url": "https://bugzilla.suse.com/1200136"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-30580"
    },
    {
      "cve": "CVE-2022-30629",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30629"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30629",
          "url": "https://www.suse.com/security/cve/CVE-2022-30629"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200135 for CVE-2022-30629",
          "url": "https://bugzilla.suse.com/1200135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30629"
    },
    {
      "cve": "CVE-2022-30630",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30630"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30630",
          "url": "https://www.suse.com/security/cve/CVE-2022-30630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201447 for CVE-2022-30630",
          "url": "https://bugzilla.suse.com/1201447"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30630"
    },
    {
      "cve": "CVE-2022-30631",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30631"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30631",
          "url": "https://www.suse.com/security/cve/CVE-2022-30631"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201437 for CVE-2022-30631",
          "url": "https://bugzilla.suse.com/1201437"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30631"
    },
    {
      "cve": "CVE-2022-30632",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30632"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30632",
          "url": "https://www.suse.com/security/cve/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201445 for CVE-2022-30632",
          "url": "https://bugzilla.suse.com/1201445"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30632"
    },
    {
      "cve": "CVE-2022-30633",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30633"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the \u0027any\u0027 field tag.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30633",
          "url": "https://www.suse.com/security/cve/CVE-2022-30633"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201440 for CVE-2022-30633",
          "url": "https://bugzilla.suse.com/1201440"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30633"
    },
    {
      "cve": "CVE-2022-30634",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30634"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 \u003c\u003c 32 - 1 bytes.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30634",
          "url": "https://www.suse.com/security/cve/CVE-2022-30634"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1200134 for CVE-2022-30634",
          "url": "https://bugzilla.suse.com/1200134"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30634"
    },
    {
      "cve": "CVE-2022-30635",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-30635"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-30635",
          "url": "https://www.suse.com/security/cve/CVE-2022-30635"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201444 for CVE-2022-30635",
          "url": "https://bugzilla.suse.com/1201444"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-30635"
    },
    {
      "cve": "CVE-2022-32148",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-32148"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-32148",
          "url": "https://www.suse.com/security/cve/CVE-2022-32148"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1201436 for CVE-2022-32148",
          "url": "https://bugzilla.suse.com/1201436"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-32148"
    },
    {
      "cve": "CVE-2022-32189",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-32189"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-32189",
          "url": "https://www.suse.com/security/cve/CVE-2022-32189"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202035 for CVE-2022-32189",
          "url": "https://bugzilla.suse.com/1202035"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-32189"
    },
    {
      "cve": "CVE-2022-41715",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41715"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41715",
          "url": "https://www.suse.com/security/cve/CVE-2022-41715"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204023 for CVE-2022-41715",
          "url": "https://bugzilla.suse.com/1204023"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208441 for CVE-2022-41715",
          "url": "https://bugzilla.suse.com/1208441"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-41715"
    },
    {
      "cve": "CVE-2022-41716",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41716"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string \"A=B\\x00C=D\" sets the variables \"A=B\" and \"C=D\".",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41716",
          "url": "https://www.suse.com/security/cve/CVE-2022-41716"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204941 for CVE-2022-41716",
          "url": "https://bugzilla.suse.com/1204941"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 0,
            "baseSeverity": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-41716"
    },
    {
      "cve": "CVE-2022-41717",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41717"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41717",
          "url": "https://www.suse.com/security/cve/CVE-2022-41717"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206135 for CVE-2022-41717",
          "url": "https://bugzilla.suse.com/1206135"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-41717"
    },
    {
      "cve": "CVE-2022-41720",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41720"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(\"C:/tmp\").Open(\"COM1\") opens the COM1 device. Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS(\"\") has changed. Previously, an empty root was treated equivalently to \"/\", so os.DirFS(\"\").Open(\"tmp\") would open the path \"/tmp\". This now returns an error.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41720",
          "url": "https://www.suse.com/security/cve/CVE-2022-41720"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206134 for CVE-2022-41720",
          "url": "https://bugzilla.suse.com/1206134"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-41720"
    },
    {
      "cve": "CVE-2022-41723",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41723"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41723",
          "url": "https://www.suse.com/security/cve/CVE-2022-41723"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208270 for CVE-2022-41723",
          "url": "https://bugzilla.suse.com/1208270"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215588 for CVE-2022-41723",
          "url": "https://bugzilla.suse.com/1215588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-41723"
    },
    {
      "cve": "CVE-2022-41724",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41724"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all TLS 1.3 clients, TLS 1.2 clients which explicitly enable session resumption (by setting Config.ClientSessionCache to a non-nil value), and TLS 1.3 servers which request client certificates (by setting Config.ClientAuth \u003e= RequestClientCert).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41724",
          "url": "https://www.suse.com/security/cve/CVE-2022-41724"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208271 for CVE-2022-41724",
          "url": "https://bugzilla.suse.com/1208271"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-41724"
    },
    {
      "cve": "CVE-2022-41725",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-41725"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request methods FormFile, FormValue, ParseMultipartForm, and PostFormValue. ReadForm takes a maxMemory parameter, and is documented as storing \"up to maxMemory bytes +10MB (reserved for non-file parts) in memory\". File parts which cannot be stored in memory are stored on disk in temporary files. The unconfigurable 10MB reserved for non-file parts is excessively large and can potentially open a denial of service vector on its own. However, ReadForm did not properly account for all memory consumed by a parsed form, such as map entry overhead, part names, and MIME headers, permitting a maliciously crafted form to consume well over 10MB. In addition, ReadForm contained no limit on the number of disk files created, permitting a relatively small request body to create a large number of disk temporary files. With fix, ReadForm now properly accounts for various forms of memory overhead, and should now stay within its documented limit of 10MB + maxMemory bytes of memory consumption. Users should still be aware that this limit is high and may still be hazardous. In addition, ReadForm now creates at most one on-disk temporary file, combining multiple form parts into a single temporary file. The mime/multipart.File interface type\u0027s documentation states, \"If stored on disk, the File\u0027s underlying concrete type will be an *os.File.\". This is no longer the case when a form contains more than one file part, due to this coalescing of parts into a single file. The previous behavior of using distinct files for each form part may be reenabled with the environment variable GODEBUG=multipartfiles=distinct. Users should be aware that multipart.ReadForm and the http.Request methods that call it do not limit the amount of disk consumed by temporary files. Callers can limit the size of form data with http.MaxBytesReader.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
          "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
          "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-41725",
          "url": "https://www.suse.com/security/cve/CVE-2022-41725"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208272 for CVE-2022-41725",
          "url": "https://bugzilla.suse.com/1208272"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Enterprise Storage 7.1:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Real Time 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.4:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.4:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.ppc64le",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.s390x",
            "openSUSE Leap 15.5:go1.18-openssl-doc-1.18.10.1-150000.1.9.1.x86_64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.aarch64",
            "openSUSE Leap 15.5:go1.18-openssl-race-1.18.10.1-150000.1.9.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-05-30T06:54:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-41725"
    }
  ]
}

WID-SEC-W-2022-1461

Vulnerability from csaf_certbund - Published: 2022-09-18 22:00 - Updated: 2023-06-20 22:00

Summary

IBM Spectrum Protect: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme: - Linux

CVE-2018-25032

In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2021-22946

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2021-22947

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2021-3759

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2021-42550

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-1292

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-1705

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-2068

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-2097

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-22389

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-22390

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-22476

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-22576

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-23772

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-23773

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-23806

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-24675

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-27774

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-27776

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-27782

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-29361

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-29526

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-29804

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-30580

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-30629

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-30631

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-30633

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-30634

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-31028

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-32212

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-32213

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-32214

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-32215

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-32222

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-32223

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-33987

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-35919

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-40234

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

CVE-2022-40608

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM Spectrum Protect plus 10.1 IBM / Spectrum Protect	`cpe:/a:ibm:spectrum_protect:plus_10.1`	—

References

12 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7005589	external
https://www.ibm.com/support/pages/node/6620211	external
https://www.ibm.com/support/pages/node/6619915	external
https://www.ibm.com/support/pages/node/6621141	external
https://www.ibm.com/support/pages/node/6619963	external
https://www.ibm.com/support/pages/node/6621115	external
https://www.ibm.com/support/pages/node/6619919	external
https://www.ibm.com/support/pages/node/6619947	external
https://www.ibm.com/support/pages/node/6619975	external
https://www.ibm.com/support/pages/node/6620209	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM Spectrum Protect ist eine zentralisierte Backupl\u00f6sung f\u00fcr Systeme im Netzwerk.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-1461 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1461.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-1461 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1461"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7005589 vom 2023-06-21",
        "url": "https://www.ibm.com/support/pages/node/7005589"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6620211 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6620211"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6619915 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6619915"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6621141 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6621141"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6619963 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6619963"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6621115 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6621115"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6619919 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6619919"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6619947 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6619947"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6619975 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6619975"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin: 6620209 vom 2022-09-18",
        "url": "https://www.ibm.com/support/pages/node/6620209"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM Spectrum Protect: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-06-20T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:35:19.173+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-1461",
      "initial_release_date": "2022-09-18T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-09-18T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-06-20T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM Spectrum Protect plus 10.1",
                "product": {
                  "name": "IBM Spectrum Protect plus 10.1",
                  "product_id": "T015895",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM Spectrum Protect \u003c 10.1.12",
                "product": {
                  "name": "IBM Spectrum Protect \u003c 10.1.12",
                  "product_id": "T024647",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:10.1.12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM Spectrum Protect \u003c 8.1.16",
                "product": {
                  "name": "IBM Spectrum Protect \u003c 8.1.16",
                  "product_id": "T024648",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:8.1.16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spectrum Protect"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-25032",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2018-25032"
    },
    {
      "cve": "CVE-2021-22946",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2021-22946"
    },
    {
      "cve": "CVE-2021-22947",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2021-22947"
    },
    {
      "cve": "CVE-2021-3759",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2021-3759"
    },
    {
      "cve": "CVE-2021-42550",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2021-42550"
    },
    {
      "cve": "CVE-2022-1292",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-1292"
    },
    {
      "cve": "CVE-2022-1705",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-1705"
    },
    {
      "cve": "CVE-2022-2068",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2097",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-2097"
    },
    {
      "cve": "CVE-2022-22389",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-22389"
    },
    {
      "cve": "CVE-2022-22390",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-22390"
    },
    {
      "cve": "CVE-2022-22476",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-22476"
    },
    {
      "cve": "CVE-2022-22576",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-23772",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-23772"
    },
    {
      "cve": "CVE-2022-23773",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-23773"
    },
    {
      "cve": "CVE-2022-23806",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-23806"
    },
    {
      "cve": "CVE-2022-24675",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-24675"
    },
    {
      "cve": "CVE-2022-27774",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27776",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27782",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-29361",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-29361"
    },
    {
      "cve": "CVE-2022-29526",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-29526"
    },
    {
      "cve": "CVE-2022-29804",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-29804"
    },
    {
      "cve": "CVE-2022-30580",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-30580"
    },
    {
      "cve": "CVE-2022-30629",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-30629"
    },
    {
      "cve": "CVE-2022-30631",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-30631"
    },
    {
      "cve": "CVE-2022-30633",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-30633"
    },
    {
      "cve": "CVE-2022-30634",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-30634"
    },
    {
      "cve": "CVE-2022-31028",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-31028"
    },
    {
      "cve": "CVE-2022-32212",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-32212"
    },
    {
      "cve": "CVE-2022-32213",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-32213"
    },
    {
      "cve": "CVE-2022-32214",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-32214"
    },
    {
      "cve": "CVE-2022-32215",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-32215"
    },
    {
      "cve": "CVE-2022-32222",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-32222"
    },
    {
      "cve": "CVE-2022-32223",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-32223"
    },
    {
      "cve": "CVE-2022-33987",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-33987"
    },
    {
      "cve": "CVE-2022-35919",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-35919"
    },
    {
      "cve": "CVE-2022-40234",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-40234"
    },
    {
      "cve": "CVE-2022-40608",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T015895"
        ]
      },
      "release_date": "2022-09-18T22:00:00.000+00:00",
      "title": "CVE-2022-40608"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-29526 (GCVE-0-2022-29526)

Tags

Sightings

Nomenclature