Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-42003 (GCVE-0-2022-42003)
Vulnerability from cvelistv5 – Published: 2022-10-02 00:00 – Updated: 2024-08-03 12:56
VLAI
EPSS
Summary
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:56:39.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FasterXML/jackson-databind/issues/3590"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020"
},
{
"name": "GLSA-202210-21",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-21"
},
{
"name": "DSA-5283",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5283"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221124-0004/"
},
{
"name": "[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-20T09:33:08.256Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/FasterXML/jackson-databind/issues/3590"
},
{
"url": "https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33"
},
{
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020"
},
{
"name": "GLSA-202210-21",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-21"
},
{
"name": "DSA-5283",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5283"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221124-0004/"
},
{
"name": "[debian-lts-announce] 20221127 [SECURITY] [DLA 3207-1] jackson-databind security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-42003",
"datePublished": "2022-10-02T00:00:00.000Z",
"dateReserved": "2022-10-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T12:56:39.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-42003",
"date": "2026-05-28",
"epss": "0.00317",
"percentile": "0.54996"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-42003\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-10-02T05:15:09.070\",\"lastModified\":\"2024-11-21T07:24:15.093\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.\"},{\"lang\":\"es\",\"value\":\"En FasterXML jackson-databind anterior a 2.14.0-rc1, puede producirse un agotamiento de recursos debido a la falta de una comprobaci\u00f3n en los deserializadores de valores primitivos para evitar el anidamiento de arrays envolventes profundos, cuando la funci\u00f3n UNWRAP_SINGLE_VALUE_ARRAYS est\u00e1 activada. Versi\u00f3n de correcci\u00f3n adicional en 2.13.4.1 y 2.12.17.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.7.1\",\"matchCriteriaId\":\"0848F177-1977-4C9C-B91A-7374FF25F335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.13.0\",\"versionEndExcluding\":\"2.13.4.1\",\"matchCriteriaId\":\"A2BBD219-927A-40F3-9AFE-C6A8E7F3E26B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.13.3\",\"matchCriteriaId\":\"DA172A0D-FB5E-4754-BB9F-3DEC3366E6F8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"}]}]}],\"references\":[{\"url\":\"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/3590\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-21\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221124-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5283\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/3590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/11/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221124-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
OPENSUSE-SU-2024:14395-1
Vulnerability from csaf_opensuse - Published: 2024-10-11 00:00 - Updated: 2024-10-11 00:00Summary
java-jwt-4.4.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: java-jwt-4.4.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the java-jwt-4.4.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14395
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-4.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-4.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-4.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-4.4.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
6 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-jwt-4.4.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-jwt-4.4.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14395",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14395-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2024:14395-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AYI4ADCB2LJNS7XDQPTGN4DUUKYXS5OF/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2024:14395-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AYI4ADCB2LJNS7XDQPTGN4DUUKYXS5OF/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-42003 page",
"url": "https://www.suse.com/security/cve/CVE-2022-42003/"
}
],
"title": "java-jwt-4.4.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-10-11T00:00:00Z",
"generator": {
"date": "2024-10-11T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14395-1",
"initial_release_date": "2024-10-11T00:00:00Z",
"revision_history": [
{
"date": "2024-10-11T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-jwt-4.4.0-1.1.aarch64",
"product": {
"name": "java-jwt-4.4.0-1.1.aarch64",
"product_id": "java-jwt-4.4.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-jwt-javadoc-4.4.0-1.1.aarch64",
"product": {
"name": "java-jwt-javadoc-4.4.0-1.1.aarch64",
"product_id": "java-jwt-javadoc-4.4.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-jwt-4.4.0-1.1.ppc64le",
"product": {
"name": "java-jwt-4.4.0-1.1.ppc64le",
"product_id": "java-jwt-4.4.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-jwt-javadoc-4.4.0-1.1.ppc64le",
"product": {
"name": "java-jwt-javadoc-4.4.0-1.1.ppc64le",
"product_id": "java-jwt-javadoc-4.4.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-jwt-4.4.0-1.1.s390x",
"product": {
"name": "java-jwt-4.4.0-1.1.s390x",
"product_id": "java-jwt-4.4.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-jwt-javadoc-4.4.0-1.1.s390x",
"product": {
"name": "java-jwt-javadoc-4.4.0-1.1.s390x",
"product_id": "java-jwt-javadoc-4.4.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-jwt-4.4.0-1.1.x86_64",
"product": {
"name": "java-jwt-4.4.0-1.1.x86_64",
"product_id": "java-jwt-4.4.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-jwt-javadoc-4.4.0-1.1.x86_64",
"product": {
"name": "java-jwt-javadoc-4.4.0-1.1.x86_64",
"product_id": "java-jwt-javadoc-4.4.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-4.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-4.4.0-1.1.aarch64"
},
"product_reference": "java-jwt-4.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-4.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-4.4.0-1.1.ppc64le"
},
"product_reference": "java-jwt-4.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-4.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-4.4.0-1.1.s390x"
},
"product_reference": "java-jwt-4.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-4.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-4.4.0-1.1.x86_64"
},
"product_reference": "java-jwt-4.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-javadoc-4.4.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.aarch64"
},
"product_reference": "java-jwt-javadoc-4.4.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-javadoc-4.4.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.ppc64le"
},
"product_reference": "java-jwt-javadoc-4.4.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-javadoc-4.4.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.s390x"
},
"product_reference": "java-jwt-javadoc-4.4.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-jwt-javadoc-4.4.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.x86_64"
},
"product_reference": "java-jwt-javadoc-4.4.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-42003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-42003"
}
],
"notes": [
{
"category": "general",
"text": "In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-42003",
"url": "https://www.suse.com/security/cve/CVE-2022-42003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-jwt-4.4.0-1.1.x86_64",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.aarch64",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.s390x",
"openSUSE Tumbleweed:java-jwt-javadoc-4.4.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-11T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-42003"
}
]
}
RHSA-2022:7435
Vulnerability from csaf_redhat - Published: 2022-11-16 12:13 - Updated: 2026-04-30 16:21Summary
Red Hat Security Advisory: Logging Subsystem 5.4.8 - Red Hat OpenShift security update
Severity
Moderate
Notes
Topic: An update is now available for Logging subsystem for Red Hat OpenShift 5.4.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Logging Subsystem 5.4.8 - Red Hat OpenShift
Security Fix(es):
* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
* golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64 | — |
Threats
Impact
Moderate
A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64 | — |
Vendor Fix
fix
|
Known not affected
55 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64 | — |
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64 | — |
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64 | — |
Vendor Fix
fix
|
Known not affected
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64 | — |
Threats
Impact
Moderate
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Logging subsystem for Red Hat OpenShift 5.4.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.4.8 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n\n* golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:7435",
"url": "https://access.redhat.com/errata/RHSA-2022:7435"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2134010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134010"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "LOG-3250",
"url": "https://issues.redhat.com/browse/LOG-3250"
},
{
"category": "external",
"summary": "LOG-3252",
"url": "https://issues.redhat.com/browse/LOG-3252"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7435.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.4.8 - Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-04-30T16:21:27+00:00",
"generator": {
"date": "2026-04-30T16:21:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2022:7435",
"initial_release_date": "2022-11-16T12:13:01+00:00",
"revision_history": [
{
"date": "2022-11-16T12:13:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-16T12:13:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:21:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.4 for RHEL 8",
"product": {
"name": "RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.4::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-246"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-265"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-55"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-36"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-302"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.8-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-246"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-265"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-55"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-36"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-302"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.8-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-246"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-265"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-55"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-36"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-302"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.8-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.4.8-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.4.8-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.4.8-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.4.8-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-300"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-74"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-246"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-265"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-55"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.5-36"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-302"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.5.0-51"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.14-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.4.8-20"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.4.8-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v5.4.8-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v5.4.8-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"relates_to_product_reference": "8Base-RHOL-5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64 as a component of RHOL 5.4 for RHEL 8",
"product_id": "8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64",
"relates_to_product_reference": "8Base-RHOL-5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-16T12:13:01+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.4, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7435"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"cve": "CVE-2022-32149",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2022-10-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134010"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the golang.org/x/text/language package. An attacker can craft an Accept-Language header which ParseAcceptLanguage will take significant time to parse. This issue leads to a denial of service, and can impact availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "After careful analysis of the vulnerability Redhat is choosing to keep the vulnerability severity as moderate,the vulnerability exists in the ParseAcceptLanguage function of the golang text/language package,when an attacker could craft an unusually large accept header and due to the parser taking quadratic time complexity to finish, firstly the attacker would have to find a way smuggle an input to the parser and even then this would simply not result in a crash of any kind but more of resource hang which while can be unpleasant,does not equate to any real world damage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32149"
},
{
"category": "external",
"summary": "RHBZ#2134010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32149"
},
{
"category": "external",
"summary": "https://go.dev/issue/56152",
"url": "https://go.dev/issue/56152"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU",
"url": "https://groups.google.com/g/golang-dev/c/qfPIly0X7aU"
}
],
"release_date": "2022-10-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-16T12:13:01+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.4, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7435"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-16T12:13:01+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.4, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7435"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
],
"known_not_affected": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-11-16T12:13:01+00:00",
"details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.4, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:7435"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.4:openshift-logging/cluster-logging-operator-bundle@sha256:cb26d9e55f781dd535901a90f1ec2f8e02e8e1de72c0fde638c90fcc228ec4b2_amd64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:617cc8b0011110981674b75fe1e3041bfa434c952e4a0193818b971edbc7a480_s390x",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:637df49756fe85e7b38b279ffa7672d72c658d3d47df7f9dada2dd70563af83b_arm64",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:aa1602fe2abe23bd8a4c791bc45d425686a6e6d1aab4face0fac28bfc7cebbe1_ppc64le",
"8Base-RHOL-5.4:openshift-logging/cluster-logging-rhel8-operator@sha256:c698b52c46d41007e5ac4f90b9540d430820bd20a93468fddd3a949c7ef5b332_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-operator-bundle@sha256:7659606e0418a1920161b7ca67524ea6a7b1ed366b817f1a5cde0b346152243c_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:4f4e5bb267ad391bc0fc6a010ec9ecdf3bf48d5b6e9db0d2510960c13c97bd71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:b9c2e58b39dc3de97013f8806178f6327bf2e4590fe55db144527d64d468f64f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:c9a2b9e7cca14d9596ccbe0f64e2abe4452f91f029f42eefead43c9f526f6a58_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-proxy-rhel8@sha256:e38c55762c1eef39b401c46d44c899067b1566173e1ce239f17a95c52b30d8c7_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:2005f41e59a130bb86c2ec47d1b060e3e2ed32f9a4cef3897e2c05fc94043dbb_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:6a55934cf7af0c03e06d4ec7a15a80acf53491fb7a183c16fdf8018fbf9b4174_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:8ce04536772f31ad022b9c66cddc090d2962b44d66c06a1db56d1447be198326_amd64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch-rhel8-operator@sha256:dd211d42eaad043d9bdb519e3ad6a86255b7280a2cdf47dd3fe0458a77cb110f_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:17a9f3ae042b92693a374e3d60a07f2ab2e52419f8df25d446dd0654f6a858f6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:5b1cfc2f9a96601439cf17d1fe49a6bc6cad3b7273af87b23528090aefbfd915_s390x",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:8e0ba10f91db4cb8786d0501ec33a3d54f7c7c5337e0495cc2286a6ea20cca20_arm64",
"8Base-RHOL-5.4:openshift-logging/elasticsearch6-rhel8@sha256:fa8182b69328077500f89becc7621b48efa8d99f34247c2e6855dcfec13980e3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:4438a3bba34418a9dc566bf15f6b4764de4295ab8b05a7b1a86f9e8cd332b3f7_arm64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:bc408fc4b0482c5eb1b0deb3a9090f3e3dd9b370001d54cd076254562c72fec9_ppc64le",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:d50a2b89442d04b1163c01b3a3951857a95df76c57b14e7f51d835c3ac6d75b3_amd64",
"8Base-RHOL-5.4:openshift-logging/eventrouter-rhel8@sha256:f05aee8433dec1c9f6cf835038f9e5a47847d4095383bf3c22ca57c3fb69fa98_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:150e17cb645cf2f4cb7ab592572dd3abd145d9a33e790778280e256666248022_amd64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:36aecf05ca3cdaf29982b3efa4a1c97087be29b0a58c9777e6b0c11a34861aa8_s390x",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:e3a51d2bdc632b8376e28c33e9d4fac3464e3a84a313a17246b1f1cf21cb5710_arm64",
"8Base-RHOL-5.4:openshift-logging/fluentd-rhel8@sha256:ea07da04f06df6bf0d9dd981a3795dfdb51eca83f59a6291114650e3e98a9e71_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:167ee6a645c7397bde3d12e9b9685279505c25ffb3bda11ae68bdf0b34229f2e_amd64",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:4a029733337b10bb9fb8d98c91abc5451ca0b98713c8f2271a675251e025b6c0_s390x",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:812f4380024dc3df42310ad14d173d390f2bdf4b3dbdb02550c00552534f79ce_ppc64le",
"8Base-RHOL-5.4:openshift-logging/kibana6-rhel8@sha256:958ba6856cc76fc77d34a9c78888eb37b9c39b83a2f044ef2337610560ba9323_arm64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:043e4d3481fbfedf3115e18fade3a2f33b891b0d9a641bf973c2c7f492cb0489_amd64",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:4fe26adac10cf20b83812e4fa513231d7e1fd4b6cd4e09d4fd425c391885cfcc_ppc64le",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:85827db708c0927027435b05732cc7e34b0675eaa86665c91efacc76aecd6227_s390x",
"8Base-RHOL-5.4:openshift-logging/log-file-metric-exporter-rhel8@sha256:a5285db276a5545fdbaa9f0743a49ba72ce1c5da61b5cccc9422320a03e08bea_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:0b28415b8115ff3216002faa5c9ecf3c46995085e3364c8028cb544cb4787ed2_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:7016e867ddfe970d6d2d54d5615e8f613786bcfbfe52ebf3139c07da3d5a53db_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:94c435f45e9dbd9fa633e137356cfb1d6ac2d4dd7574b359367665da42d6203d_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-curator5-rhel8@sha256:d24afbc9228ef7f3d0a6fd716a3a57abde88a1f65d149c7df4f959a775b670bd_ppc64le",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:40d4989b4733f54a01a73831fa00b12e49fff69c75138902eac0d894d432e4d9_arm64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:b444af35118c24bde0dfa2a8825ba427b3345451f6081133477254213a3460f0_amd64",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:cfe410d498940a95da631ea213866a96a119034d78d5d53f7f9c7e8da56e0f45_s390x",
"8Base-RHOL-5.4:openshift-logging/logging-loki-rhel8@sha256:f7979c82140a0ab1a97c9f3151465bfbd9f79c4db9b0cc20f974cd7b890f074f_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-operator-bundle@sha256:02cceda51028eb55a3b82aa5275f03dbaf8f8f9ab3fd27c650d1a07a93044e37_amd64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:0f1be625b4012820f7ac439fed000808d7acb4e885ace16014461bf802be935a_s390x",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:28f45a80846c5e11638fb479be42cafcb2bdb3af94dff3629a820de295cbe31d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:df7de1e9f5a4396df6f14b1c4b6bb2a9ae4bc50d82cbc954ec535c26e8df2cb1_arm64",
"8Base-RHOL-5.4:openshift-logging/loki-rhel8-operator@sha256:f8a35557c9eb27f703ffa9320a9d39a2361d93fdb0b8c874d97da458048e7eec_amd64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:178fcf44e6a1fa90d27a40565f69ae2880622b017bc8d9e33a441353eb45609d_arm64",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:7b0c2c99cf0f710166b749dbfd7f544caf5fe35516c743fca251c7cec896e1d6_ppc64le",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:9c4959525339b607a98889d56f4c26f2e4af25032466c439903a7f1cb593f721_s390x",
"8Base-RHOL-5.4:openshift-logging/lokistack-gateway-rhel8@sha256:a967d5be7d3a6fdd75965a5f9a7396a52cdcb37d6a8521c440b0b5c650c230f2_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:1b106af51bb50f1ce4db13ebbf6f6c67eae45611c0d5dc46476f1dfaa8aca166_arm64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:92ddf24824c8f8ae93dec07184c446615b635389472d3a525df72da07c8d9b97_ppc64le",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:9fd0c5df785564b35392705a479d6fb9245e3329719438c76c0282f9ef2f2d55_amd64",
"8Base-RHOL-5.4:openshift-logging/opa-openshift-rhel8@sha256:be8ba0e4c5f24c7b4549700a25c89b10d4b2fc0b0e3888163bb53827914e95c1_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48bb136d11b44428c87489978873370848ac2b219b107ef7e81ab679db095234_s390x",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:48f0317d167710ff5b0787c73f6b7dd0249e7c8d2d001159132a97299c30b62d_ppc64le",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:bde21c03fb831d01e85b28245881f7e3f2bb2ef6d2671eb92b2e0cc4bd3898e2_arm64",
"8Base-RHOL-5.4:openshift-logging/vector-rhel8@sha256:cc6b9c6a344aac56c99c96b5120ffe2dad479000b34964ff89d030ae762bda43_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
RHSA-2022:8781
Vulnerability from csaf_redhat - Published: 2022-12-08 07:37 - Updated: 2026-05-27 08:35Summary
Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update
Severity
Moderate
Notes
Topic: Logging Subsystem 5.5.5 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Logging Subsystem 5.5.5 - Red Hat OpenShift
Security Fixe(s):
* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879, CVE-2022-2880, CVE-2022-41715)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* loader-utils: Regular expression denial of service (CVE-2022-37603)
* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Workaround
|
Threats
Impact
Low
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — |
Vendor Fix
fix
|
Known not affected
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x | — |
Vendor Fix
fix
|
Known not affected
50 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le | — |
Threats
Impact
Moderate
References
68 references
Acknowledgments
ADA Logics
Adam Korczynski
OSS-Fuzz
Head of Research, Oxeye
Daniel Abeles
Security Researcher, Oxeye
Gal Goldstein
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging Subsystem 5.5.5 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.5.5 - Red Hat OpenShift\n\nSecurity Fixe(s):\n\n* jackson-databind: denial of service via a large depth of nested objects\u00a0(CVE-2020-36518)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879, CVE-2022-2880, CVE-2022-41715)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* loader-utils: Regular expression denial of service (CVE-2022-37603)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8781",
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "LOG-2860",
"url": "https://issues.redhat.com/browse/LOG-2860"
},
{
"category": "external",
"summary": "LOG-3131",
"url": "https://issues.redhat.com/browse/LOG-3131"
},
{
"category": "external",
"summary": "LOG-3222",
"url": "https://issues.redhat.com/browse/LOG-3222"
},
{
"category": "external",
"summary": "LOG-3226",
"url": "https://issues.redhat.com/browse/LOG-3226"
},
{
"category": "external",
"summary": "LOG-3284",
"url": "https://issues.redhat.com/browse/LOG-3284"
},
{
"category": "external",
"summary": "LOG-3287",
"url": "https://issues.redhat.com/browse/LOG-3287"
},
{
"category": "external",
"summary": "LOG-3301",
"url": "https://issues.redhat.com/browse/LOG-3301"
},
{
"category": "external",
"summary": "LOG-3305",
"url": "https://issues.redhat.com/browse/LOG-3305"
},
{
"category": "external",
"summary": "LOG-3310",
"url": "https://issues.redhat.com/browse/LOG-3310"
},
{
"category": "external",
"summary": "LOG-3332",
"url": "https://issues.redhat.com/browse/LOG-3332"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8781.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2026-05-27T08:35:20+00:00",
"generator": {
"date": "2026-05-27T08:35:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2022:8781",
"initial_release_date": "2022-12-08T07:37:32+00:00",
"revision_history": [
{
"date": "2022-12-08T07:37:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-08T07:37:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T08:35:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.5 for RHEL 8",
"product": {
"name": "RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.5::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.5.5-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.5.5-14"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-311"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-78"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-247"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-273"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-310"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-23"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-39"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.5.5-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-64"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-30"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-311"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-78"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-247"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-273"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-310"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-23"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-39"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-64"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-30"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-311"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-78"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-247"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-273"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-310"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-23"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-39"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-64"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-30"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-311"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-78"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-247"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-273"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-59"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-67"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-310"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-23"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-39"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-64"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-30"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64 as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le as a component of RHOL 5.5 for RHEL 8",
"product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\n\nThis flaw additionally affects the github.com/vbatts/tar-split library and was fixed in v0.12.1.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1",
"url": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-32189",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-08-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2113814"
}
],
"notes": [
{
"category": "description",
"text": "An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw stems from a particular and specific method (GoBDecode) which isn\u0027t commonly used. There are few components within Red Hat offerings which call this function. In rare cases where this method is called, the component limits possible damage or it is not possible to be triggered by an attacker. For these combined reasons the impact has been downgraded to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32189"
},
{
"category": "external",
"summary": "RHBZ#2113814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32189"
},
{
"category": "external",
"summary": "https://go.dev/issue/53871",
"url": "https://go.dev/issue/53871"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU",
"url": "https://groups.google.com/g/golang-nuts/c/DCFSyTGM0wU"
}
],
"release_date": "2022-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T07:37:32+00:00",
"details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:4e6ada19c48d471db0513a1b5acba91ebecca42ce5127778b96a72d62af85289_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:2ae6adcdc2e2a59937393d1dd5ed572d5e8952d9272090e640e86b6386e6f42d_amd64",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:3fa3c169ba1dcf58b785c7962917980e8320f28821e1ae6887f69f8e2c44ff77_ppc64le",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:9bf3af645e3127501675b0403846d4d027c1a8158b764da91835c9d5d6e69c0e_s390x",
"8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:f47b434af92096809a41f272b64f823cf8f18dca6f5f3dd19eb893803a333704_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:b0cd76c8a40808f7bd958f3eb4419d8b83bf7fc7268928df206d112201b8f02b_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:2ea3f735c85dbc5ff61b06b7ce153624b479d8e6e5db02e39313d077f30ba1a8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:607c9da7d689b47d2dd03450e76c4ba4ebfad0b40918aafdc292f3d88324478c_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a675a1e5e41af683b4840bac10ddc25802120c9357deb63996b478883b522f36_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fbd0c9e9f950fe7a86fbca643fb2b445dad6e6af3f6acc703c183ff23ad1f7bd_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:042fc4e4bfeba54937c3b18412bb0b63ae869d08d941ee489afee686e5cc5cab_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:33468166442c5b2d1efe2ba95e45fd7c7be70a61ce47f600071dd2c94e0a5494_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:acd5f97a99f44fbb171a49b39f18d5f3576256d1b499c2a45db97a3c7363fd22_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:efe8ac457c88dda976d3ff646fc9a22775aad65850b0461de23f59b4228c67fb_s390x",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:29386946cc140f739c2d0090636f23fdcc52842291e9d7afc6dabb22f96e18fa_amd64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:6533a980b85e6770fe1eaa0c01b066cd71e717f6b1693b0c6224d263302b8684_ppc64le",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:90eea1b6df3cd5eeaa5e7129ad301108be22595ef89d93c1360ba959ff887b61_arm64",
"8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:9a54c0ec2584201ac2b60e28a825f39d3e34ff0dff5a25dceec4c77181a11585_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:80e93cc593d29699e687c42e6ad7478b1edd9612394ac68717518896fbf3d59f_s390x",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:964653fa2debfd9d3182cfdc9d1c8e4e0af6b43ef17bce30461d6ad5550fabb8_amd64",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:bdcf68cb4d7dbccfe2c7914f59b5dda2782c4f86d599be05b9b56d1be1a44c1c_ppc64le",
"8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:ef7118853a0497269ee4886fc440f351d0874dd45e1736ef057a9e9c5c47b197_arm64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:14d23de43f812da032cf4546429940537d3133e71655de62f062469b08953132_amd64",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:20d9d6c99a80454aaf3e57474057b23280c60a2cceeaf9797b62c771b2071f29_s390x",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:850e19b4493a3c825cbe1237b5bb127ea6b9d3e9bdaa50aef85f89ddab7406b3_ppc64le",
"8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:dfd9d7724b966a5e985713432adb4637d385a271b35d0ef00c5551a73ec6da9a_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:d1d24e642ce99d02107657c75150182231ef199f23b8c2e378d430409932a4b0_s390x",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:e0277f43b4f98df76de29e2c2e2777dcc4916fcad1623e16fe88efc9aa12359b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:f07eb3c5d5c022172251329bfe5c528c1400410117e4a5cfdc890a36bf1c0ef2_arm64",
"8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:fb60d4c2c8beef219be6a1195664c637a86f091800b84f9ccbec93c95057bc75_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9ed7277584f988ae878fe879e7634dbb72ffb181b750fefb88e9a361c3f901_amd64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:90697005dca6ac797503de554e015023a992a9aaf9e3ac6832f69b17acb2ca26_ppc64le",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:a4fc6b62854a412a6882034aa52c1cb75c625d1a1fefbcac74f4ca1b832101b8_arm64",
"8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d6b56fc7564941f340bb900c3e5b50452f8e9b73f335108ffef09954ea903ccb_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:2365daf06c70004a9f015e299e0da11e147ee1ee2874eff430335f820516a353_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:3837431f66e694bd4a8e2486a3f63eb3e3ec23b3a0af2197ec96ada8c1ab3785_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:4f7a36f783fd24c830578b0ac585b90190fb8009406b0f2ee2592278c4e48f9e_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:e6ba426e9607f1a78609fecaaff4cf1885df98b58042bab3677f5a3dc9eee435_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:80c210d802fb546813760c9a01eb49c038e172119751418afe3857cf85333252_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:98afc8e09fd230d8bb90cedd66cb6ac0f6f0c60195cb2f02910bb1ce564e477b_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:cea38f36c7b1620c9b76a02b884f0f5b18f3c0730217d658d69de9047e7cb655_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:f14f41b5822159739ea39d07619ab29c995c9cff0683653f683c7dace9efd4b8_ppc64le",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:23f3764606b50ada85bd3391fc7562fd912b5a91076c9ea1545f50350f576e8e_amd64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:36750efa1396ca19d78661c6b6ac3248fd460f3c7eaedd2d4baef3f5eac4e33b_arm64",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4970430e048958246de1a798fead9f1ab31d1a6ba051be4a9223c769671986d1_s390x",
"8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:a155d48ba258d3950641c2066097dad7d9d8561ab23ea6f606e32fa9672e0780_ppc64le",
"8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:18e86b71d8f7b537a6095ca5b55f8a12e7b5eda284f481c552e0b39f6497fd3f_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:1d11959ab71a0c2c968ae4f0d1824b8279c61e8732ac852be00d3701b3265dd0_s390x",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:bddf04e3d090c41952304c40f9609c7fb32d1dcb53d39fb81bd010ae7de1d936_arm64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:cd352e6c27ee021998392a8b9d06bda164f9ed55484534d4265e4acd1c9cf413_amd64",
"8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:e8e8af399d2ab4bcd23bbb4886f529e9fb1f7389f0177257cf601320cae1d013_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:798f10ecfee7f066a4887f79f2972a281cab84ad1d9f2240889ed3ef4d954c5d_arm64",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:8572d4ba4377416b9331e108dec05dfd55b68349f6d074c3240b81b2acceaa1d_s390x",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:e9ba9b3f1b0db82ab5ed5541e18a77b26d5a6627d05935cd75a2ad3d019ed3d9_ppc64le",
"8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:ea6b0a109e7e257006dfd4405f919178a209ab11abda06b8989d06ecbba8d844_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:4368adadd55f9181491a0b9165ec87e5e85cd9a020a99576649a3a6fe4f8fb4d_arm64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:6fac980e1119f932e7e4354d305f4a0d63956064e4e0d8502a3a15e431aa2859_amd64",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:738aae81461854fd080f80fa6b7913825eb5227fcfce2c5f6aeeac901fb0d16b_ppc64le",
"8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:b348a21736da16113a93206c8076ad34b973cae63997a5498b0d72229dd1049b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:152521851fd656f6b30eb01b679ce5ca60de243e7a3fc981506bb78dd9da9fdc_arm64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:2f029a58d4f84cb243631ebd994635f7768a79ba8bd22037b7a535a492adbd0b_amd64",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b6e8056713657a281df193b7d9875d547813610e559c5c3cf81caf8ed17e9a7b_s390x",
"8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:b76e6cba010f4f41a98a4c47f410043acb85da706e662ef78e45a38110f91874_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
RHSA-2022:8876
Vulnerability from csaf_redhat - Published: 2022-12-07 08:19 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.
This release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections
* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* (CVE-2022-42004) jackson-databind: use of deeply nested arrays
* (CVE-2022-42889) apache-commons-text: variable interpolation RCE
* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode
* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject
* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Broker 7
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_broker:7
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Broker 7.10.2 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms.\n\nThis release of Red Hat AMQ Broker 7.10.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2022-25857) snakeyaml: Denial of Service due to missing nested depth limitation for collections\n* (CVE-2022-42003) jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n* (CVE-2022-42004) jackson-databind: use of deeply nested arrays\n* (CVE-2022-42889) apache-commons-text: variable interpolation RCE\n* (CVE-2022-38749) snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode\n* (CVE-2022-38750) snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject\n* (CVE-2022-38751) snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8876",
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.broker\u0026version=7.10.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.10"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8876.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Broker 7.10.2 release and security update",
"tracking": {
"current_release_date": "2026-05-05T10:06:06+00:00",
"generator": {
"date": "2026-05-05T10:06:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2022:8876",
"initial_release_date": "2022-12-07T08:19:44+00:00",
"revision_history": [
{
"date": "2022-12-07T08:19:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-07T08:19:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Broker 7",
"product": {
"name": "Red Hat AMQ Broker 7",
"product_id": "Red Hat AMQ Broker 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_broker:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Broker 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-07T08:19:44+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Broker 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8876"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat AMQ Broker 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Broker 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2022:8889
Vulnerability from csaf_redhat - Published: 2022-12-08 17:25 - Updated: 2026-03-28 00:54Summary
Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update
Severity
Moderate
Notes
Topic: Openshift Logging Bug Fix Release (5.3.14)
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Openshift Logging Bug Fix Release (5.3.14)
Security Fixe(s):
* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x | — |
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le | — |
Vendor Fix
fix
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x | — |
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le | — |
Vendor Fix
fix
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x | — |
Threats
Impact
Moderate
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Openshift Logging Bug Fix Release (5.3.14)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.3.14)\n\nSecurity Fixe(s):\n\n* jackson-databind: denial of service via a large depth of nested objects\u00a0(CVE-2020-36518)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8889",
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "LOG-3293",
"url": "https://issues.redhat.com/browse/LOG-3293"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8889.json"
}
],
"title": "Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update",
"tracking": {
"current_release_date": "2026-03-28T00:54:39+00:00",
"generator": {
"date": "2026-03-28T00:54:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2022:8889",
"initial_release_date": "2022-12-08T17:25:26+00:00",
"revision_history": [
{
"date": "2022-12-08T17:25:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-08T17:25:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-28T00:54:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.3",
"product": {
"name": "OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.14-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-315"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-169"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-259"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-277"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-223"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-311"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.14-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-315"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-169"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-259"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-277"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-223"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-311"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.14-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.14-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.14-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-315"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-169"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-259"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-277"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-223"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-311"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T17:25:26+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T17:25:26+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T17:25:26+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
RHSA-2022:9023
Vulnerability from csaf_redhat - Published: 2022-12-14 13:15 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product
Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus
* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE
* CVE-2022-37734 graphql-java: DoS by malicious query
* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS
* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE
* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
* CVE-2022-42004 jackson-databind: use of deeply nested arrays
* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.
8.0 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 2.13.5
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
50 references
Acknowledgments
Contrast Security
Joseph Beeton
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus. Red Hat Product\nSecurity has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.13.5 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-4147 quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus \n\n* CVE-2022-4116 quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE\n\n* CVE-2022-37734 graphql-java: DoS by malicious query\n\n* CVE-2022-3171 protobuf-java: timeout in parser leads to DoS\n\n* CVE-2022-42889 commons-text: apache-commons-text: variable interpolation RCE\n\n* CVE-2022-42003 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n\n* CVE-2022-42004 jackson-databind: use of deeply nested arrays \n\n* CVE-2022-31197 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:9023",
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.13.5",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=redhat.quarkus\u0026version=2.13.5"
},
{
"category": "external",
"summary": "2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "2144748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144748"
},
{
"category": "external",
"summary": "2148867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148867"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9023.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.5 release and security update",
"tracking": {
"current_release_date": "2026-05-05T10:06:07+00:00",
"generator": {
"date": "2026-05-05T10:06:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2022:9023",
"initial_release_date": "2022-12-14T13:15:01+00:00",
"revision_history": [
{
"date": "2022-12-14T13:15:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-14T13:15:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 2.13.5",
"product": {
"name": "Red Hat build of Quarkus 2.13.5",
"product_id": "Red Hat build of Quarkus 2.13.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:2.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-3171",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2137645"
}
],
"notes": [
{
"category": "description",
"text": "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "protobuf-java: timeout in parser leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3171"
},
{
"category": "external",
"summary": "RHBZ#2137645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3171"
},
{
"category": "external",
"summary": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2",
"url": "https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2"
}
],
"release_date": "2022-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "protobuf-java: timeout in parser leads to DoS"
},
{
"acknowledgments": [
{
"names": [
"Joseph Beeton"
],
"organization": "Contrast Security"
}
],
"cve": "CVE-2022-4116",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-11-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2144748"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in quarkus. This issue occurs in Dev UI Config Editor, which is vulnerable to drive-by localhost attacks leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4116"
},
{
"category": "external",
"summary": "RHBZ#2144748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4116"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4116",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4116"
}
],
"release_date": "2022-11-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "quarkus_dev_ui: Dev UI Config Editor is vulnerable to drive-by localhost attacks leading to RCE"
},
{
"cve": "CVE-2022-4147",
"cwe": {
"id": "CWE-1026",
"name": "CWE-1026"
},
"discovery_date": "2022-11-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2148867"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quarkus. The Quarkus CORS filter allows simple GET and POST requests with an invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest have no event listeners registered on the object returned by the XMLHttpRequest upload property, and have no ReadableStream object used in the request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4147"
},
{
"category": "external",
"summary": "RHBZ#2148867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4147"
}
],
"release_date": "2022-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quarkus-vertx-http: Security misconfiguration of CORS : OWASP A05_2021 level in Quarkus"
},
{
"cve": "CVE-2022-31197",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2022-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129428"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgresQL. This flaw allows an attacker to benefit from a miss escaping character and leads to a SQL injection attack due to Java.sql.ResultRow.refreshRow() implementation from PGSQL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "User applications that do not invoke the `ResultSet.refreshRow()` method are not impacted.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be presented soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31197"
},
{
"category": "external",
"summary": "RHBZ#2129428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31197"
},
{
"category": "external",
"summary": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2",
"url": "https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-r38f-c4h4-hqq2"
}
],
"release_date": "2022-08-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names"
},
{
"cve": "CVE-2022-37734",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GraphQL Java. This flaw allows an attacker to use a malicious query in GraphQL to cause a denial of service due to inefficient lexer input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql-java: DoS by malicious query",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37734"
},
{
"category": "external",
"summary": "RHBZ#2126809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37734"
}
],
"release_date": "2022-09-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "graphql-java: DoS by malicious query"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 2.13.5"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-14T13:15:01+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9023"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 2.13.5"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2022:9032
Vulnerability from csaf_redhat - Published: 2022-12-15 12:39 - Updated: 2026-04-30 12:51Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.4 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details: This release of Red Hat build of Eclipse Vert.x 4.3.4 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Eclipse Vert.x 4.3.4
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Eclipse Vert.x 4.3.4
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Eclipse Vert.x 4.3.4
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.3.4 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* snakeyaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:9032",
"url": "https://access.redhat.com/errata/RHSA-2022:9032"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_9032.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.4 security update",
"tracking": {
"current_release_date": "2026-04-30T12:51:11+00:00",
"generator": {
"date": "2026-04-30T12:51:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2022:9032",
"initial_release_date": "2022-12-15T12:39:51+00:00",
"revision_history": [
{
"date": "2022-12-15T12:39:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-15T12:39:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T12:51:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Eclipse Vert.x 4.3.4",
"product": {
"name": "Red Hat build of Eclipse Vert.x 4.3.4",
"product_id": "Red Hat build of Eclipse Vert.x 4.3.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-15T12:39:51+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9032"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-15T12:39:51+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9032"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-15T12:39:51+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:9032"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
RHSA-2023:0189
Vulnerability from csaf_redhat - Published: 2023-01-17 11:47 - Updated: 2026-03-27 00:56Summary
Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update
Severity
Moderate
Notes
Topic: Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency.
This release of Red Hat AMQ Streams 2.3.0 serves as a replacement for Red Hat AMQ Streams 2.2.0, and includes security and bug fixes, and enhancements.
Security Fix(es):
* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)
* jetty-server: Improper release of ByteBuffers in SslConnections (CVE-2022-2191)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jetty-http: improver hostname input handling (CVE-2022-2047)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Eclipse Jetty. When parsing the authority segment of an HTTP scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This issue can lead to failures in a Proxy scenario.
CWE-20 - Improper Input ValidationAffected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Jetty-server package. This flaw allows an attacker to send invalid requests, causing a denial of service in the Jetty Server.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat AMQ Streams 2.3.0
Red Hat / Red Hat JBoss AMQ
|
cpe:/a:redhat:amq_streams:2
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AMQ Streams 2.3.0 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. \n\nThis release of Red Hat AMQ Streams 2.3.0 serves as a replacement for Red Hat AMQ Streams 2.2.0, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* http2-server: Invalid HTTP/2 requests cause DoS (CVE-2022-2048)\n\n* jetty-server: Improper release of ByteBuffers in SslConnections (CVE-2022-2191)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jetty-http: improver hostname input handling (CVE-2022-2047)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0189",
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.3.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.amq.streams\u0026version=2.3.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq_streams/2.3",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq_streams/2.3"
},
{
"category": "external",
"summary": "2116949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116949"
},
{
"category": "external",
"summary": "2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "2116953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116953"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0189.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AMQ Streams 2.3.0 release and security update",
"tracking": {
"current_release_date": "2026-03-27T00:56:02+00:00",
"generator": {
"date": "2026-03-27T00:56:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2023:0189",
"initial_release_date": "2023-01-17T11:47:38+00:00",
"revision_history": [
{
"date": "2023-01-17T11:47:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-17T11:47:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T00:56:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Streams 2.3.0",
"product": {
"name": "Red Hat AMQ Streams 2.3.0",
"product_id": "Red Hat AMQ Streams 2.3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-2047",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116949"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Jetty. When parsing the authority segment of an HTTP scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This issue can lead to failures in a Proxy scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-http: improver hostname input handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Satellite jetty was used to build index files to search documentation. Nowadays in Satellite 6.9 and 6.10 jetty dependency is not in use and there is no access to it, so there is no way this vulnerability can be exploitable. Therefore Satellite supported versions are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2047"
},
{
"category": "external",
"summary": "RHBZ#2116949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2047"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-cj7v-27pg-wf7q"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jetty-http: improver hostname input handling"
},
{
"cve": "CVE-2022-2048",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116952"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http2-server: Invalid HTTP/2 requests cause DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2048"
},
{
"category": "external",
"summary": "RHBZ#2116952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116952"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2048"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http2-server: Invalid HTTP/2 requests cause DoS"
},
{
"cve": "CVE-2022-2191",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2022-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2116953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jetty-server package. This flaw allows an attacker to send invalid requests, causing a denial of service in the Jetty Server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jetty-server: Improper release of ByteBuffers in SslConnections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In Red Hat Satellite 6.9 we are using 9.4.x or below of jetty-server. Red Hat Satellite 6.10 is not using jetty-server anymore. This flaw only affects versions above 10.0.x or 11.0.x of jetty-server, therefore Red Hat Satellite 6.9 or 6.10 are not impacted by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2191"
},
{
"category": "external",
"summary": "RHBZ#2116953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2191"
},
{
"category": "external",
"summary": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28"
}
],
"release_date": "2022-07-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jetty-server: Improper release of ByteBuffers in SslConnections"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AMQ Streams 2.3.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-17T11:47:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat AMQ Streams 2.3.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0189"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AMQ Streams 2.3.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
RHSA-2023:0261
Vulnerability from csaf_redhat - Published: 2023-01-18 14:55 - Updated: 2026-05-05 10:06Summary
Red Hat Security Advisory: Satellite 6.12.1 Async Security Update
Severity
Critical
Notes
Topic: Updated Satellite 6.12 packages that fixes critical security bugs and several regular bugs are now available for Red Hat Satellite.
Details: Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Security fix(es):
tfm-rubygem-activerecord: activerecord: Possible RCE escalation bug with Serialized Columns in Active Record (CVE-2022-32224)
candlepin: apache-commons-text: variable interpolation RCE (CVE-2022-42889)
This update fixes the following bugs:
2082209 - Another deadlock issue when syncing repos with high concurrency
2141308 - It appears that the egg is downloaded every time
2150069 - With every edit of an exising webhook, the value in password field disappears in Satellite 6.10/6.11/6.12
2150108 - Satellite-clone not working if ansible-core 2.13 is installed
2150111 - Insights recommendation sync failing in Satelliite
2150112 - Random failure of Inventory Sync
2150114 - Insights-client --register --verbose throwing error UnicodeEncodeError: 'ascii' codec can't encode character '\ufffd' in position 94: ordinal not in range(128)
2150118 - Error "no certificate or crl found" when using a http proxy as "Default Http Proxy" for content syncing or manifest operations in Satellite 6.12
2150119 - Content view publish fails when the content view and repository both have a large name with : Error message: the server returns an error HTTP status code: 500
2150123 = Inspecting an image with skopeo no longer works on Capsules
2150125 - Syncable exports across partitions causes ' Invalid cross-device link' error
2150120 - Upgrade to Satellite 6.12 may fail to apply RemoveDrpmFromIgnorableContent migration if erratum is also a ignorable content type for any repo
Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An insecure deserialization flaw was found in Active Record, which uses YAML.unsafe_load to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution (RCE), resulting in complete system compromise.
8.5 (High)
Affected products
Fixed
2 products
Known not affected
111 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Important
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
113 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
0.0 (None)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
110 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Low
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.12 packages that fixes critical security bugs and several regular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.\n\nSecurity fix(es):\ntfm-rubygem-activerecord: activerecord: Possible RCE escalation bug with Serialized Columns in Active Record (CVE-2022-32224)\ncandlepin: apache-commons-text: variable interpolation RCE (CVE-2022-42889)\n\nThis update fixes the following bugs:\n2082209 - Another deadlock issue when syncing repos with high concurrency\n2141308 - It appears that the egg is downloaded every time\n2150069 - With every edit of an exising webhook, the value in password field disappears in Satellite 6.10/6.11/6.12\n2150108 - Satellite-clone not working if ansible-core 2.13 is installed\n2150111 - Insights recommendation sync failing in Satelliite\n2150112 - Random failure of Inventory Sync\n2150114 - Insights-client --register --verbose throwing error UnicodeEncodeError: \u0027ascii\u0027 codec can\u0027t encode character \u0027\\ufffd\u0027 in position 94: ordinal not in range(128)\n2150118 - Error \"no certificate or crl found\" when using a http proxy as \"Default Http Proxy\" for content syncing or manifest operations in Satellite 6.12\n2150119 - Content view publish fails when the content view and repository both have a large name with : Error message: the server returns an error HTTP status code: 500\n2150123 = Inspecting an image with skopeo no longer works on Capsules\n2150125 - Syncable exports across partitions causes \u0027 Invalid cross-device link\u0027 error \n2150120 - Upgrade to Satellite 6.12 may fail to apply RemoveDrpmFromIgnorableContent migration if erratum is also a ignorable content type for any repo \n\nUsers of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0261",
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2082209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082209"
},
{
"category": "external",
"summary": "2108997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108997"
},
{
"category": "external",
"summary": "2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "2141308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2141308"
},
{
"category": "external",
"summary": "2150069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150069"
},
{
"category": "external",
"summary": "2150108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150108"
},
{
"category": "external",
"summary": "2150111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150111"
},
{
"category": "external",
"summary": "2150112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150112"
},
{
"category": "external",
"summary": "2150114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150114"
},
{
"category": "external",
"summary": "2150118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150118"
},
{
"category": "external",
"summary": "2150119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150119"
},
{
"category": "external",
"summary": "2150120",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150120"
},
{
"category": "external",
"summary": "2150123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150123"
},
{
"category": "external",
"summary": "2150125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150125"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0261.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.12.1 Async Security Update",
"tracking": {
"current_release_date": "2026-05-05T10:06:12+00:00",
"generator": {
"date": "2026-05-05T10:06:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2023:0261",
"initial_release_date": "2023-01-18T14:55:53+00:00",
"revision_history": [
{
"date": "2023-01-18T14:55:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-18T14:55:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-05T10:06:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pulp-container-0:2.10.10-1.el8pc.src",
"product": {
"name": "python-pulp-container-0:2.10.10-1.el8pc.src",
"product_id": "python-pulp-container-0:2.10.10-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-container@2.10.10-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulpcore-0:3.18.11-1.el8pc.src",
"product": {
"name": "python-pulpcore-0:3.18.11-1.el8pc.src",
"product_id": "python-pulpcore-0:3.18.11-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.18.11-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"product_id": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.18.9-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"product": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"product_id": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@6.0.44-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"product": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"product_id": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_webhooks@3.0.5-1.1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"product_id": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.5.0.22-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"product": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"product_id": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_container_gateway@1.0.7-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.12.1-1.el8sat.src",
"product": {
"name": "satellite-0:6.12.1-1.el8sat.src",
"product_id": "satellite-0:6.12.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.12.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.3.0.18-1.el8sat.src",
"product": {
"name": "foreman-0:3.3.0.18-1.el8sat.src",
"product_id": "foreman-0:3.3.0.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.3.0.18-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"product": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"product_id": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.0.6-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-rails-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.0.6-2.el8sat.src",
"product": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.src",
"product_id": "rubygem-railties-0:6.0.6-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.0.6-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.2.0-2.el8sat.src",
"product": {
"name": "satellite-clone-0:3.2.0-2.el8sat.src",
"product_id": "satellite-clone-0:3.2.0-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.2.0-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.1.18-1.el8sat.src",
"product": {
"name": "candlepin-0:4.1.18-1.el8sat.src",
"product_id": "candlepin-0:4.1.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.1.18-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"product": {
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"product_id": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-container@2.10.10-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"product": {
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"product_id": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.18.11-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.18.9-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"product_id": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@6.0.44-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"product_id": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_webhooks@3.0.5-1.1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.5.0.22-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"product": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"product_id": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_container_gateway@1.0.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-common-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.12.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-gce@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.3.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"product_id": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.0.6-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"product": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"product_id": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.0.6-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"product": {
"name": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"product_id": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-clone@3.2.0-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-0:4.1.18-1.el8sat.noarch",
"product": {
"name": "candlepin-0:4.1.18-1.el8sat.noarch",
"product_id": "candlepin-0:4.1.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.1.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"product_id": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.1.18-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.10.10-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.10.10-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.18.11-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.18.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.2.0-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch"
},
"product_reference": "satellite-clone-0:3.2.0-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-clone-0:3.2.0-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src"
},
"product_reference": "satellite-clone-0:3.2.0-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.1.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch"
},
"product_reference": "candlepin-0:4.1.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.1.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src"
},
"product_reference": "candlepin-0:4.1.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.1.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.3.0.18-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src"
},
"product_reference": "foreman-0:3.3.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-gce-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-container-0:2.10.10-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src"
},
"product_reference": "python-pulp-container-0:2.10.10-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.18.9-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.18.9-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.18.11-1.el8pc.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.18.11-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-container-0:2.10.10-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch"
},
"product_reference": "python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.18.11-1.el8pc.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actioncable-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionpack-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actiontext-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-actionview-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activejob-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activemodel-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activerecord-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-activestorage-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.0.6-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.0.6-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src"
},
"product_reference": "rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src"
},
"product_reference": "rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.5.0.22-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.5.0.22-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-rails-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-rails-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch"
},
"product_reference": "rubygem-railties-0:6.0.6-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.0.6-2.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src"
},
"product_reference": "rubygem-railties-0:6.0.6-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.12.1-1.el8sat.src as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.12.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.12.1-1.el8sat.noarch as a component of Red Hat Satellite 6.12 for RHEL 8",
"product_id": "8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.12.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32224",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-07-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108997"
}
],
"notes": [
{
"category": "description",
"text": "An insecure deserialization flaw was found in Active Record, which uses YAML.unsafe_load to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution (RCE), resulting in complete system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "activerecord: Possible RCE escalation bug with Serialized Columns in Active Record",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32224"
},
{
"category": "external",
"summary": "RHBZ#2108997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108997"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32224"
},
{
"category": "external",
"summary": "https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017",
"url": "https://discuss.rubyonrails.org/t/cve-2022-32224-possible-rce-escalation-bug-with-serialized-columns-in-active-record/81017"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-18T14:55:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "activerecord: Possible RCE escalation bug with Serialized Columns in Active Record"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-18T14:55:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42889",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2022-10-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-text: variable interpolation RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In order to carry successful exploitation of this vulnerability, the following conditions must be in place on the affected target:\n - Usage of specific methods that interpolate the variables as described in the flaw\n - Usage of external input for those methods\n - Usage of that external input has to be unsanitized/no \"allow list\"/etc.\n\nThe following products have *Low* impact because they have maven references to the affected package but do not ship it nor use the code:\n- Red Hat EAP Expansion Pack (EAP-XP)\n- Red Hat Camel-K\n- Red Hat Camel-Quarkus\n\nRed Hat Satellite ships Candlepin that embeds Apache Commons Text, however, it is not vulnerable to the flaw since the library has not been exposed in the product code. In Candlepin, the Commons Text is being pulled for the Liquibase and ActiveMQ Artemis libraries as a dependency. Red Hat Product Security has evaluated and rated the impact of the flaw as Low for Satellite since there was no harm identified to the confidentiality, integrity, or availability of systems.\n\n- The OCP has a *Moderate* impact because the affected library is a third-party library in the OCP jenkins-2-plugin component which reduces the possibilities of successful exploitation.\n- The OCP-4.8 is affected by this CVE and is in an extended life phase. For versions of products in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42889"
},
{
"category": "external",
"summary": "RHBZ#2135435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42889"
},
{
"category": "external",
"summary": "https://blogs.apache.org/security/entry/cve-2022-42889",
"url": "https://blogs.apache.org/security/entry/cve-2022-42889"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om",
"url": "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om"
},
{
"category": "external",
"summary": "https://seclists.org/oss-sec/2022/q4/22",
"url": "https://seclists.org/oss-sec/2022/q4/22"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-18T14:55:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0261"
},
{
"category": "workaround",
"details": "This flaw may be avoided by ensuring that any external inputs used with the Commons-Text lookup methods are sanitized properly. Untrusted input should always be thoroughly sanitized before using in any potentially risky situations.",
"product_ids": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-capsule:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12-capsule:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12-capsule:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-capsule:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-capsule:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.noarch",
"8Base-satellite-6.12-maintenance:satellite-clone-0:3.2.0-2.el8sat.src",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12-utils:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12-utils:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12-utils:satellite-common-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:candlepin-0:4.1.18-1.el8sat.src",
"8Base-satellite-6.12:candlepin-selinux-0:4.1.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-0:3.3.0.18-1.el8sat.src",
"8Base-satellite-6.12:foreman-cli-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-debug-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-dynflow-sidekiq-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ec2-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-gce-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-journald-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-libvirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-openstack-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-ovirt-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-postgresql-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-service-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-telemetry-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:foreman-vmware-0:3.3.0.18-1.el8sat.noarch",
"8Base-satellite-6.12:python-pulp-container-0:2.10.10-1.el8pc.src",
"8Base-satellite-6.12:python-pulp-rpm-0:3.18.9-1.el8pc.src",
"8Base-satellite-6.12:python-pulpcore-0:3.18.11-1.el8pc.src",
"8Base-satellite-6.12:python39-pulp-container-0:2.10.10-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulp-rpm-0:3.18.9-1.el8pc.noarch",
"8Base-satellite-6.12:python39-pulpcore-0:3.18.11-1.el8pc.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actioncable-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailbox-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionmailer-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionpack-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actiontext-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-actionview-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activejob-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activemodel-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activerecord-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activestorage-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-activesupport-0:6.0.6-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_rh_cloud-0:6.0.44-1.el8sat.src",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-foreman_webhooks-0:3.0.5-1.1.el8sat.src",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-katello-0:4.5.0.22-1.el8sat.src",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-rails-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.noarch",
"8Base-satellite-6.12:rubygem-railties-0:6.0.6-2.el8sat.src",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.noarch",
"8Base-satellite-6.12:rubygem-smart_proxy_container_gateway-0:1.0.7-1.el8sat.src",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-0:6.12.1-1.el8sat.src",
"8Base-satellite-6.12:satellite-capsule-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-cli-0:6.12.1-1.el8sat.noarch",
"8Base-satellite-6.12:satellite-common-0:6.12.1-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-commons-text: variable interpolation RCE"
}
]
}
RHSA-2023:0264
Vulnerability from csaf_redhat - Published: 2023-01-19 11:03 - Updated: 2026-05-27 08:35Summary
Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update
Severity
Moderate
Notes
Topic: An update for Logging Subsystem (5.6.0) is now available for Red Hat OpenShift Container Platform.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Logging Subsystem 5.6.0 - Red Hat OpenShift
* logging-view-plugin-container: loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601)
* logging-elasticsearch6-container: jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
* logging-loki-container: various flaws (CVE-2022-2879 CVE-2022-2880 CVE-2022-41715)
* logging-loki-container: golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
* org.elasticsearch-elasticsearch: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* org.elasticsearch-elasticsearch: jackson-databind: use of deeply nested arrays (CVE-2022-42004)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request's form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package. The JoinPath doesn't remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A prototype pollution vulnerability was found in the parseQuery function in parseQuery.js in the webpack loader-utils via the name variable in parseQuery.js. This flaw can lead to a denial of service or remote code execution.
8.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.
6.5 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 | — |
Vendor Fix
fix
|
Known not affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 | — | ||
| Unresolved product id: 8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le | — |
Threats
Impact
Moderate
References
86 references
Acknowledgments
ADA Logics
Adam Korczynski
OSS-Fuzz
Head of Research, Oxeye
Daniel Abeles
Security Researcher, Oxeye
Gal Goldstein
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Logging Subsystem (5.6.0) is now available for Red Hat OpenShift Container Platform.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.6.0 - Red Hat OpenShift\n\n* logging-view-plugin-container: loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601)\n* logging-elasticsearch6-container: jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n* logging-loki-container: various flaws (CVE-2022-2879 CVE-2022-2880 CVE-2022-41715)\n* logging-loki-container: golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n* org.elasticsearch-elasticsearch: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* org.elasticsearch-elasticsearch: jackson-databind: use of deeply nested arrays (CVE-2022-42004)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0264",
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2134876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134876"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "LOG-2217",
"url": "https://issues.redhat.com/browse/LOG-2217"
},
{
"category": "external",
"summary": "LOG-2620",
"url": "https://issues.redhat.com/browse/LOG-2620"
},
{
"category": "external",
"summary": "LOG-2819",
"url": "https://issues.redhat.com/browse/LOG-2819"
},
{
"category": "external",
"summary": "LOG-2822",
"url": "https://issues.redhat.com/browse/LOG-2822"
},
{
"category": "external",
"summary": "LOG-2843",
"url": "https://issues.redhat.com/browse/LOG-2843"
},
{
"category": "external",
"summary": "LOG-2919",
"url": "https://issues.redhat.com/browse/LOG-2919"
},
{
"category": "external",
"summary": "LOG-2962",
"url": "https://issues.redhat.com/browse/LOG-2962"
},
{
"category": "external",
"summary": "LOG-2993",
"url": "https://issues.redhat.com/browse/LOG-2993"
},
{
"category": "external",
"summary": "LOG-3072",
"url": "https://issues.redhat.com/browse/LOG-3072"
},
{
"category": "external",
"summary": "LOG-3090",
"url": "https://issues.redhat.com/browse/LOG-3090"
},
{
"category": "external",
"summary": "LOG-3157",
"url": "https://issues.redhat.com/browse/LOG-3157"
},
{
"category": "external",
"summary": "LOG-3161",
"url": "https://issues.redhat.com/browse/LOG-3161"
},
{
"category": "external",
"summary": "LOG-3168",
"url": "https://issues.redhat.com/browse/LOG-3168"
},
{
"category": "external",
"summary": "LOG-3169",
"url": "https://issues.redhat.com/browse/LOG-3169"
},
{
"category": "external",
"summary": "LOG-3180",
"url": "https://issues.redhat.com/browse/LOG-3180"
},
{
"category": "external",
"summary": "LOG-3186",
"url": "https://issues.redhat.com/browse/LOG-3186"
},
{
"category": "external",
"summary": "LOG-3194",
"url": "https://issues.redhat.com/browse/LOG-3194"
},
{
"category": "external",
"summary": "LOG-3195",
"url": "https://issues.redhat.com/browse/LOG-3195"
},
{
"category": "external",
"summary": "LOG-3208",
"url": "https://issues.redhat.com/browse/LOG-3208"
},
{
"category": "external",
"summary": "LOG-3224",
"url": "https://issues.redhat.com/browse/LOG-3224"
},
{
"category": "external",
"summary": "LOG-3235",
"url": "https://issues.redhat.com/browse/LOG-3235"
},
{
"category": "external",
"summary": "LOG-3286",
"url": "https://issues.redhat.com/browse/LOG-3286"
},
{
"category": "external",
"summary": "LOG-3292",
"url": "https://issues.redhat.com/browse/LOG-3292"
},
{
"category": "external",
"summary": "LOG-3296",
"url": "https://issues.redhat.com/browse/LOG-3296"
},
{
"category": "external",
"summary": "LOG-3309",
"url": "https://issues.redhat.com/browse/LOG-3309"
},
{
"category": "external",
"summary": "LOG-3324",
"url": "https://issues.redhat.com/browse/LOG-3324"
},
{
"category": "external",
"summary": "LOG-3331",
"url": "https://issues.redhat.com/browse/LOG-3331"
},
{
"category": "external",
"summary": "LOG-3446",
"url": "https://issues.redhat.com/browse/LOG-3446"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0264.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update",
"tracking": {
"current_release_date": "2026-05-27T08:35:25+00:00",
"generator": {
"date": "2026-05-27T08:35:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2023:0264",
"initial_release_date": "2023-01-19T11:03:41+00:00",
"revision_history": [
{
"date": "2023-01-19T11:03:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-19T11:03:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-27T08:35:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.6 for RHEL 8",
"product": {
"name": "RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.6::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.6.0-142"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.6.0-130"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.6.0-172"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.\n\n\nThis flaw additionally affects the github.com/vbatts/tar-split library and was fixed in v0.12.1.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1",
"url": "https://github.com/vbatts/tar-split/releases/tag/v0.12.1"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
},
{
"cve": "CVE-2022-37601",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2022-10-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134876"
}
],
"notes": [
{
"category": "description",
"text": "A prototype pollution vulnerability was found in the parseQuery function in parseQuery.js in the webpack loader-utils via the name variable in parseQuery.js. This flaw can lead to a denial of service or remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: prototype pollution in function parseQuery in parseQuery.js",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Packages shipped in Red Hat Enterprise Linux use \u0027loader-utils\u0027 as a transitive dependency. Thus, reducing the impact to Moderate.\n\nIn Red Hat containerized products like OCP and ODF, the vulnerable loader-utils NodeJS module is bundled as a transitive dependency, hence the direct impact is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37601"
},
{
"category": "external",
"summary": "RHBZ#2134876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134876"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37601"
},
{
"category": "external",
"summary": "https://github.com/webpack/loader-utils/issues/212",
"url": "https://github.com/webpack/loader-utils/issues/212"
}
],
"release_date": "2022-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: prototype pollution in function parseQuery in parseQuery.js"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-19T11:03:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0264"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…