Vulnerability-Lookup

CVE-2023-26159 (GCVE-0-2023-26159)

Vulnerability from cvelistv5 – Published: 2024-01-02 05:00 – Updated: 2025-11-03 21:47

Summary

Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.

Severity

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-20 - Improper Input Validation
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Assigner

snyk

References

5 references

URL	Tags
https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIR…
https://github.com/follow-redirects/follow-redire…
https://github.com/follow-redirects/follow-redire…
https://lists.fedoraproject.org/archives/list/pac…
https://security.netapp.com/advisory/ntap-2024110…

Impacted products

1 product

Vendor	Product	Version
n/a	follow-redirects	Affected: 0 , < 1.15.4 (semver)

Credits

Kim Donggyu

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:47:30.161Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/follow-redirects/follow-redirects/issues/235"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/follow-redirects/follow-redirects/pull/236"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM/"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241108-0002/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-26159",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-09T18:34:28.261000Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-601",
                "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T18:37:41.128Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "follow-redirects",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "1.15.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Kim Donggyu"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-23T03:06:22.806Z",
        "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "shortName": "snyk"
      },
      "references": [
        {
          "url": "https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137"
        },
        {
          "url": "https://github.com/follow-redirects/follow-redirects/issues/235"
        },
        {
          "url": "https://github.com/follow-redirects/follow-redirects/pull/236"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
    "assignerShortName": "snyk",
    "cveId": "CVE-2023-26159",
    "datePublished": "2024-01-02T05:00:00.659Z",
    "dateReserved": "2023-02-20T10:28:48.931Z",
    "dateUpdated": "2025-11-03T21:47:30.161Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-26159",
      "date": "2026-06-04",
      "epss": "0.00103",
      "percentile": "0.2783"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-26159\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2024-01-02T05:15:08.630\",\"lastModified\":\"2025-11-03T22:16:05.953\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.\"},{\"lang\":\"es\",\"value\":\"Las versiones del paquete follow-redirects anteriores a la 1.15.4 son vulnerables a una validaci\u00f3n de entrada incorrecta debido al manejo inadecuado de las URL por parte de la funci\u00f3n url.parse(). Cuando la nueva URL() arroja un error, se puede manipular para malinterpretar el nombre de host. Un atacante podr\u00eda aprovechar esta debilidad para redirigir el tr\u00e1fico a un sitio malicioso, lo que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n, ataques de phishing u otras violaciones de seguridad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:follow-redirects:follow_redirects:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"1.15.4\",\"matchCriteriaId\":\"5E9B14E8-F184-4F4C-8275-8FE1D093D258\"}]}]}],\"references\":[{\"url\":\"https://github.com/follow-redirects/follow-redirects/issues/235\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/follow-redirects/follow-redirects/pull/236\",\"source\":\"report@snyk.io\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM/\",\"source\":\"report@snyk.io\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/follow-redirects/follow-redirects/issues/235\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/follow-redirects/follow-redirects/pull/236\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20241108-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/follow-redirects/follow-redirects/issues/235\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/follow-redirects/follow-redirects/pull/236\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241108-0002/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T21:47:30.161Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-26159\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-01-09T18:34:28.261000Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-17T18:37:36.035Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Kim Donggyu\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"follow-redirects\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.15.4\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137\"}, {\"url\": \"https://github.com/follow-redirects/follow-redirects/issues/235\"}, {\"url\": \"https://github.com/follow-redirects/follow-redirects/pull/236\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-20\", \"description\": \"Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"shortName\": \"snyk\", \"dateUpdated\": \"2024-01-23T03:06:22.806Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-26159\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T21:47:30.161Z\", \"dateReserved\": \"2023-02-20T10:28:48.931Z\", \"assignerOrgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"datePublished\": \"2024-01-02T05:00:00.659Z\", \"assignerShortName\": \"snyk\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

RHSA-2025:1609

Vulnerability from csaf_redhat - Published: 2025-02-17 16:13 - Updated: 2026-06-02 21:41

Summary

Red Hat Security Advisory: Cluster Observability Operator 1.0.0

Severity

Important

Notes

Topic: The Cluster Observability Operator (COO) is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions (CRDs).

Details: With this release, COO gets to GA availability.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-26159

An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64	—	Vendor Fix fix Workaround

Known not affected 49 products

Product	Version	Remediation
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64	—	Workaround
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x	—	Workaround

Threats

Impact Moderate

CVE-2024-28849

A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x	—	Vendor Fix fix
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le	—	Vendor Fix fix
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64	—	Vendor Fix fix
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64	—	Vendor Fix fix

Known not affected 49 products

Product	Identifier	Version	Remediation
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x		—

Threats

Impact Moderate

CVE-2024-45338

A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x	—	Vendor Fix fix
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le	—	Vendor Fix fix
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64	—	Vendor Fix fix
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64	—	Vendor Fix fix

Known not affected 49 products

Product	Identifier	Version	Remediation
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64		—
Unresolved product id: Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x		—

Threats

Impact Important

References

24 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:1609	self
https://access.redhat.com/security/updates/classi…	external
https://docs.openshift.com/container-platform/4.1…	external
https://access.redhat.com/security/cve/CVE-2024-45338	external
https://access.redhat.com/security/cve/CVE-2024-28849	external
https://access.redhat.com/security/cve/CVE-2023-26159	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-26159	self
https://bugzilla.redhat.com/show_bug.cgi?id=2256413	external
https://www.cve.org/CVERecord?id=CVE-2023-26159	external
https://nvd.nist.gov/vuln/detail/CVE-2023-26159	external
https://access.redhat.com/security/cve/CVE-2024-28849	self
https://bugzilla.redhat.com/show_bug.cgi?id=2269576	external
https://www.cve.org/CVERecord?id=CVE-2024-28849	external
https://nvd.nist.gov/vuln/detail/CVE-2024-28849	external
https://github.com/follow-redirects/follow-redire…	external
https://access.redhat.com/security/cve/CVE-2024-45338	self
https://bugzilla.redhat.com/show_bug.cgi?id=2333122	external
https://www.cve.org/CVERecord?id=CVE-2024-45338	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45338	external
https://go.dev/cl/637536	external
https://go.dev/issue/70906	external
https://groups.google.com/g/golang-announce/c/wSC…	external
https://pkg.go.dev/vuln/GO-2024-3333	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "The Cluster Observability Operator (COO) is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions (CRDs).",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "With this release, COO gets to GA availability.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:1609",
        "url": "https://access.redhat.com/errata/RHSA-2025:1609"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification",
        "url": "https://access.redhat.com/security/updates/classification"
      },
      {
        "category": "external",
        "summary": "https://docs.openshift.com/container-platform/4.17/observability/cluster_observability_operator/cluster-observability-operator-release-notes.html",
        "url": "https://docs.openshift.com/container-platform/4.17/observability/cluster_observability_operator/cluster-observability-operator-release-notes.html"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
        "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-28849",
        "url": "https://access.redhat.com/security/cve/CVE-2024-28849"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2023-26159",
        "url": "https://access.redhat.com/security/cve/CVE-2023-26159"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1609.json"
      }
    ],
    "title": "Red Hat Security Advisory: Cluster Observability Operator 1.0.0",
    "tracking": {
      "current_release_date": "2026-06-02T21:41:43+00:00",
      "generator": {
        "date": "2026-06-02T21:41:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2025:1609",
      "initial_release_date": "2025-02-17T16:13:51+00:00",
      "revision_history": [
        {
          "date": "2025-02-17T16:13:51+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-03-25T20:51:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-02T21:41:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Cluster Observability Operator 1.0.0",
                "product": {
                  "name": "Cluster Observability Operator 1.0.0",
                  "product_id": "Cluster Observability Operator 1.0.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:cluster_observability_operator:1.0::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Cluster Observability Operator"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alertmanager-rhel8@sha256%3A4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739390458"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-observability-operator-bundle@sha256%3A221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739791152"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-observability-rhel8-operator@sha256%3Afd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739789914"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboards-console-plugin-0-3-rhel9@sha256%3A10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196157"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/distributed-tracing-console-plugin-0-3-rhel9@sha256%3A5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393010"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/korrel8r-rhel8@sha256%3Aa4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195862"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-console-plugin-6-0-rhel9@sha256%3A78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195441"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/monitoring-console-plugin-0-3-rhel9@sha256%3A0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195698"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-rhel8-operator@sha256%3A600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195316"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel8@sha256%3A30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256%3A6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196289"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256%3A4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196041"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/thanos-rhel8@sha256%3A38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195312"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/troubleshooting-panel-console-plugin-0-3-rhel9@sha256%3A3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3?arch=amd64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393013"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alertmanager-rhel8@sha256%3Aebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739390458"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-observability-rhel8-operator@sha256%3Ad186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739789914"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboards-console-plugin-0-3-rhel9@sha256%3A6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196157"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/distributed-tracing-console-plugin-0-3-rhel9@sha256%3Aa93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393010"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/korrel8r-rhel8@sha256%3A857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195862"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-console-plugin-6-0-rhel9@sha256%3A39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195441"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/monitoring-console-plugin-0-3-rhel9@sha256%3Ac50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195698"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-rhel8-operator@sha256%3Ac24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195316"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel8@sha256%3Ac1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256%3A1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196289"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256%3A9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196041"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/thanos-rhel8@sha256%3A55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195312"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
                  "product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/troubleshooting-panel-console-plugin-0-3-rhel9@sha256%3A0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8?arch=arm64\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393013"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alertmanager-rhel8@sha256%3Ab7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739390458"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-observability-rhel8-operator@sha256%3A47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739789914"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboards-console-plugin-0-3-rhel9@sha256%3Ad38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196157"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/distributed-tracing-console-plugin-0-3-rhel9@sha256%3A39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393010"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/korrel8r-rhel8@sha256%3A7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195862"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-console-plugin-6-0-rhel9@sha256%3A55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195441"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/monitoring-console-plugin-0-3-rhel9@sha256%3A4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195698"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-rhel8-operator@sha256%3A9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195316"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel8@sha256%3A8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256%3Afebec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196289"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256%3Afd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196041"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/thanos-rhel8@sha256%3A4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195312"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
                  "product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/troubleshooting-panel-console-plugin-0-3-rhel9@sha256%3A13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0?arch=ppc64le\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393013"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/alertmanager-rhel8@sha256%3A0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739390458"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-observability-rhel8-operator@sha256%3A14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739789914"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboards-console-plugin-0-3-rhel9@sha256%3Ae36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196157"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/distributed-tracing-console-plugin-0-3-rhel9@sha256%3A0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393010"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/korrel8r-rhel8@sha256%3A6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195862"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-console-plugin-6-0-rhel9@sha256%3A2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195441"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/monitoring-console-plugin-0-3-rhel9@sha256%3A354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195698"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-rhel8-operator@sha256%3Acaf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195316"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-admission-webhook-rhel8@sha256%3Af55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195977"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256%3A55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196289"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/prometheus-rhel8@sha256%3A88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739196041"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/thanos-rhel8@sha256%3A5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739195312"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x",
                "product": {
                  "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x",
                  "product_id": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/troubleshooting-panel-console-plugin-0-3-rhel9@sha256%3A855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4?arch=s390x\u0026repository_url=registry.redhat.io/cluster-observability-operator\u0026tag=1.0.0-1739393013"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64 as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x as a component of Cluster Observability Operator 1.0.0",
          "product_id": "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
        },
        "product_reference": "registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x",
        "relates_to_product_reference": "Cluster Observability Operator 1.0.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26159",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-01-02T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2256413"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An Improper Input Validation flaw was found in follow-redirects due to the improper handling of URLs by the url.parse() function. When a new URL() throws an error, it can be manipulated to misinterpret the hostname. This issue could allow an attacker to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "follow-redirects is a transitive dependency of Grafana, and does not affect Red Hat Enterprise Linux 8.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
        ],
        "known_not_affected": [
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-26159"
        },
        {
          "category": "external",
          "summary": "RHBZ#2256413",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256413"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26159"
        }
      ],
      "release_date": "2024-01-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-17T16:13:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1609"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()"
    },
    {
      "cve": "CVE-2024-28849",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269576"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "follow-redirects: Possible credential leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
        ],
        "known_not_affected": [
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-28849"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269576",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28849",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
        },
        {
          "category": "external",
          "summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp",
          "url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp"
        }
      ],
      "release_date": "2024-03-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-17T16:13:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1609"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "follow-redirects: Possible credential leak"
    },
    {
      "cve": "CVE-2024-45338",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-12-18T21:00:59.938173+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333122"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
        ],
        "known_not_affected": [
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
          "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333122",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/637536",
          "url": "https://go.dev/cl/637536"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/70906",
          "url": "https://go.dev/issue/70906"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3333",
          "url": "https://pkg.go.dev/vuln/GO-2024-3333"
        }
      ],
      "release_date": "2024-12-18T20:38:22.660000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-17T16:13:51+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1609"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:0a139fd0231b44aabc33627173ee98d0ebf1297b301cffb88520fa0c266419c6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:4219479d343e0889653411dd663eba93be633882c6ac5f2c4e91e06050e35e62_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:b7731d5dd9e0e08c5926d0f9f54a0d67e8b9a4cc0b805c5ddab9f28ca958c299_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/alertmanager-rhel8@sha256:ebe029f66906c1af08cedebf6f3b785f05c72742b95d7fa3d0596835dcc69894_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-operator-bundle@sha256:221e3514c869644f63e03c58467648cfc2a241de976941e29f1ae4492d2d6e0a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:14ec62625ed452a305b532556f8c9e5edfec36603221b55e364b5ff3a336577f_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:47d961fc88adbc2b0cd49cca5215632f31bcc023ccc223147492d6de78f3c51f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:d186268cdfcf15cc98e28555eef9b0cb6d082e3a9561346f05da62dd74bfdf32_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/cluster-observability-rhel8-operator@sha256:fd934560d184639a5c9567e53cce0f8e863476c0f59f846e2ffd4d8bff9a672c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:10e2cc68db50f7018d14a28dcefa844fc67a3893c0ca665dfa7c53838c9d8515_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:6481c593929a608b834f34fca5be1d4e916be06911b98a17e66af7064cff85a9_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:d38206b54d32b8a64140fb2a9c5cfc94c01ca68d80a67074402e8ce713d3a475_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/dashboards-console-plugin-0-3-rhel9@sha256:e36b3235b4f7627c762a477afd9b10da396d8b46bceeaab38107adce48cfde50_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:0e8c4695e653d1092ba755f7c2868fad66370077bf3f39ef7626383a0f69490c_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:39937748a620f7ff84c16b70d1888ffa2b37ca9820a7f8b9f2149db74ad3cd94_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:5068b1796ba0a7e90e1be27adf259ecbcfd87d19b18a8a2fb999d8139a71f21a_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/distributed-tracing-console-plugin-0-3-rhel9@sha256:a93ba2a7698ecde1de60ea629e9ed38da648e25ab46fa005bfb00d232e283935_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:6d86eced25a2fb454c21183748d98feac0192d30178e8fc1dc21cfa5387635e6_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:7ef29756f54d1e7e50d2b3ade6a2e3cc7e0d2d6a7e118e02acc8cfabd14abf60_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:857195f1a5ac1b142ceaa62eef963340eb8438b0d160aa4d5d3ac04975fcee60_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/korrel8r-rhel8@sha256:a4390e0455b330c66be3046f0c475206e159b9e579726ad7eaae588115c5ac47_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:2d65b9b24c4f140d92c8e1546da0efd9cd34b7a9484b0b0e74cd0b5514a82e1d_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:39b25b2a76b1b733479920b06782c042fdee70a6bb216cfe7008045850126946_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:55708cd50ae3df2238f31fa59cd4c3b5b3c223931631472501b82cf75350da53_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/logging-console-plugin-6-0-rhel9@sha256:78b630e98b1a8afd58f8f2c8d9147fe359cfbdb1942fb8da1dba28c98fe528aa_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:0341fc1043370ddd9fbe7a9578315a6ab5ed0443dd6405a4a5d1e9e0c99ce0c6_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:354a21013692c072241990054fb60f55f31f7f4d1a9f67dfb80649e87d978329_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:4f3941afe98e78477cad6d35161590ceae198b9ba021ee1c0fb0dca8efb50648_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/monitoring-console-plugin-0-3-rhel9@sha256:c50105566c0a684e210747cc0aed4958cd102f6927efd80f98919f2a210ec146_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:30a5b20b65d216d192442558cbe7385f39967e8c6f23547bcb79bd2e09cb6e65_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:8c99a3d5cf0ce275326a803f02a8f3c3fee86561918679ce32f9420a511c7944_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:c1932e4f8f2f814afa41598a267d035e6d0721f022cb4b4bdc66d06d25a43a78_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-admission-webhook-rhel8@sha256:f55b41a4da69d74382d2415905b2a4e6204a88af0fc6a32df45135fc9613b419_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:1546598bfe9c26a39ee752b8e488c67f4c711cba367d57d48554e660516835ad_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:55fea29b9fc172be497828aa7dc1c03f258b2a1fbed845d487ab97abe2a82495_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:6114e1656b16383f4149d42085155ed4ae4642d40f02d2d877b2637eca565558_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-operator-prometheus-config-reloader-rhel8@sha256:febec2fcf995293b2279b4a81fe3cf836a6b88139126f01c194d358c2048dac1_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:600f53e25e6eacbdbf16479a13a02d5e97ce8403f37267d3193ab966c9c7f06c_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:9ea465202c417bcef049bc5f585f9804d51a09066ebe9bbc38bbaae3dc071cad_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:c24e03fa4b12b06a37868768a1eca8121318eac1b808971eb883c90e14611e4c_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/obo-prometheus-rhel8-operator@sha256:caf84745233bdebb4414cf01c6c3678e556ad582f6c0e1768579bc99c9ed7d52_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:4fce5dcd4c962965de354b556bb21ebd7b8548ecf229111a8da15fc489ca034d_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:88333c1f90ed8db99072cecba2d230a5d616e3efbfbcd05c7e99cd3d4c2c0ab3_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:9febceb8da3ec2c129f18ce3be8015b167efdab11f58c1213236487471bfdd17_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/prometheus-rhel8@sha256:fd2615418206bc6361e2e444ffd73e44236436fc249a202e9e00578389d7932f_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:38710d770f39ced208ab080bb8557a211bd46c48345e6bca794bd704884c7ffb_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:4a0a22c2e5b9eaec39326d9c85c472035b1fa488b051b34927c16ffe947fb0e7_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:55676e8344b7792bb34e8a597ea4e5ce4bcb59f59c31623feacd9c698ea9d772_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/thanos-rhel8@sha256:5dc55c8cfa6fc3dd700dd5756b750113d19dbab1ff3ff3031d98e5ea7c045ee7_s390x",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:0c2ca7da24745cfaaf991a10c37433065e928ca0ee0be35409c4ee70ecd286a8_arm64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:13c017c148fc8cf2cb871d90ce6af66b5864be3fd7f09248e7d5919dd1741ed0_ppc64le",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:3724f9d8a178df07fcd09436c0cc8a294437fc64b1310f420a6a1e0885f18da3_amd64",
            "Cluster Observability Operator 1.0.0:registry.redhat.io/cluster-observability-operator/troubleshooting-panel-console-plugin-0-3-rhel9@sha256:855e9837c11846a6b07d372a2e7ac9fde57f2c4593b90ea9bd842a5f134e0ec4_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
    }
  ]
}

WID-SEC-W-2024-0168

Vulnerability from csaf_certbund - Published: 2024-01-21 23:00 - Updated: 2025-11-18 23:00

Summary

Red Hat OpenShift: Schwachstelle ermöglicht Offenlegung von Informationen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme: - Linux

CVE-2023-26159

Affected products

Known affected 6 products

Product	Identifier	Version
Red Hat OpenShift Logging Subsystem <5.8.2 Red Hat / OpenShift		Logging Subsystem <5.8.2
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
IBM MQ IBM	`cpe:/a:ibm:mq:-`	—
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2

References

12 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2024:0271	external
https://access.redhat.com/errata/RHSA-2024:0720	external
https://access.redhat.com/errata/RHSA-2024:0853	external
https://access.redhat.com/errata/RHSA-2024:0998	external
https://access.redhat.com/errata/RHSA-2023:7198	external
https://access.redhat.com/errata/RHSA-2024:1027	external
https://access.redhat.com/errata/RHSA-2024:1946	external
https://www.ibm.com/support/pages/node/7149801	external
https://access.redhat.com/errata/RHSA-2024:3989	external
https://confluence.atlassian.com/security/securit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0168 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0168.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0168 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0168"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2024-01-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:0271"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0720 vom 2024-02-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:0720"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0853 vom 2024-02-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:0853"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0998 vom 2024-02-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0998"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7198 vom 2024-02-28",
        "url": "https://access.redhat.com/errata/RHSA-2023:7198"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1027 vom 2024-02-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:1027"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1946 vom 2024-04-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:1946"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7149801 vom 2024-04-30",
        "url": "https://www.ibm.com/support/pages/node/7149801"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3989 vom 2024-06-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:3989"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin - November 18 2025",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2025-11-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-19T09:42:43.758+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2024-0168",
      "initial_release_date": "2024-01-21T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-01-21T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-02-07T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-21T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-26T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-27T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-28T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-22T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-06-19T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "10"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket \u003c10.0.2",
                  "product_id": "T048675"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket 10.0.2",
                  "product_id": "T048675-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
                  "product_id": "T048676"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 8.19.25 (LTS)",
                  "product_id": "T048676-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
                  "product_id": "T048677"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 9.4.13 (LTS)",
                  "product_id": "T048677-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM MQ",
            "product": {
              "name": "IBM MQ",
              "product_id": "T021398",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:mq:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Logging Subsystem \u003c5.8.2",
                "product": {
                  "name": "Red Hat OpenShift Logging Subsystem \u003c5.8.2",
                  "product_id": "T032257"
                }
              },
              {
                "category": "product_version",
                "name": "Logging Subsystem 5.8.2",
                "product": {
                  "name": "Red Hat OpenShift Logging Subsystem 5.8.2",
                  "product_id": "T032257-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:logging_subsystem__5.8.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26159",
      "product_status": {
        "known_affected": [
          "T032257",
          "67646",
          "T021398",
          "T048677",
          "T048676",
          "T048675"
        ]
      },
      "release_date": "2024-01-21T23:00:00.000+00:00",
      "title": "CVE-2023-26159"
    }
  ]
}

WID-SEC-W-2024-0277

Vulnerability from csaf_certbund - Published: 2024-02-01 23:00 - Updated: 2024-02-01 23:00

Summary

IBM Business Automation Workflow: Mehrere Schwachstellen

Severity

Mittel

Notes

Produktbeschreibung: IBM Business Automation Workflow ist eine Lösung zur Automatisierung von Arbeitsabläufen.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, einen Phishing-Angriff durchzuführen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2023-45857

In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.

CVE-2023-26159

CVE-2023-31582

Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht im Jose4J-Paket und wird dadurch verursacht, dass eine niedrige Iterationszahl von 1000 oder weniger zugelassen wird. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um gehashte Passwortwerte zu erhalten.

CVE-2023-43642

Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht in der Komponente snappy-java aufgrund einer fehlenden Überprüfung der Obergrenze für die Chunk-Länge. Durch das Senden einer speziell gestalteten Anfrage kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.

References

5 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7114422	external
https://www.ibm.com/support/pages/node/7114423	external
https://www.ibm.com/support/pages/node/7114425	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM Business Automation Workflow ist eine L\u00f6sung zur Automatisierung von Arbeitsabl\u00e4ufen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, einen Phishing-Angriff durchzuf\u00fchren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0277 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0277.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0277 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0277"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-02-01",
        "url": "https://www.ibm.com/support/pages/node/7114422"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-02-01",
        "url": "https://www.ibm.com/support/pages/node/7114423"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-02-01",
        "url": "https://www.ibm.com/support/pages/node/7114425"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM Business Automation Workflow: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-01T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:04:46.668+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0277",
      "initial_release_date": "2024-02-01T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-01T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM Business Automation Workflow \u003c 23.0.2-IF001",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c 23.0.2-IF001",
                  "product_id": "T032483",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:23.0.2-if001"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "IBM Business Automation Workflow \u003c 21.0.3-IF029",
                "product": {
                  "name": "IBM Business Automation Workflow \u003c 21.0.3-IF029",
                  "product_id": "T032484",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:21.0.3-if029"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Business Automation Workflow"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45857",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "release_date": "2024-02-01T23:00:00.000+00:00",
      "title": "CVE-2023-45857"
    },
    {
      "cve": "CVE-2023-26159",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "release_date": "2024-02-01T23:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2023-31582",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht im Jose4J-Paket und wird dadurch verursacht, dass eine niedrige Iterationszahl von 1000 oder weniger zugelassen wird. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um gehashte Passwortwerte zu erhalten."
        }
      ],
      "release_date": "2024-02-01T23:00:00.000+00:00",
      "title": "CVE-2023-31582"
    },
    {
      "cve": "CVE-2023-43642",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM Business Automation Workflow. Dieser Fehler besteht in der Komponente snappy-java aufgrund einer fehlenden \u00dcberpr\u00fcfung der Obergrenze f\u00fcr die Chunk-L\u00e4nge. Durch das Senden einer speziell gestalteten Anfrage kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "release_date": "2024-02-01T23:00:00.000+00:00",
      "title": "CVE-2023-43642"
    }
  ]
}

WID-SEC-W-2024-0521

Vulnerability from csaf_certbund - Published: 2024-02-29 23:00 - Updated: 2024-12-15 23:00

Summary

IBM MQ: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: IBM MQ ist eine Message Oriented Middleware von IBM.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2001-1550

In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2002-1711

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2002-1713

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2005-1941

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2020-28241

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2022-48468

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-22081

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-39615

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-39976

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-4218

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-44487

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-45287

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-49568

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-5072

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-5676

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-7104

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2024-0553

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2024-27255

Affected products

Known affected 26 products

Product	Identifier	Version
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10
IBM MQ Operator v2.4.8 IBM / MQ	`cpe:/a:ibm:mq:operator_v2.4.8`	Operator v2.4.8
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM MQ Operator v3.1.0 CD IBM / MQ	`cpe:/a:ibm:mq:operator_v3.1.0__cd`	Operator v3.1.0 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM MQ Operator v2.0.19 LTS IBM / MQ	`cpe:/a:ibm:mq:operator_v2.0.19_lts`	Operator v2.0.19 LTS
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—

CVE-2023-26159

In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passwörtern und Open Redirects zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen oder Informationen offenzulegen.

Affected products

Known affected 23 products

Product	Identifier	Version
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2023-47745

Affected products

Known affected 23 products

Product	Identifier	Version
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

CVE-2024-25016

Affected products

Known affected 23 products

Product	Identifier	Version
IBM App Connect Enterprise <=12.0.11.3 IBM / App Connect Enterprise		<=12.0.11.3
IBM DataPower Gateway <10.5.4 IBM / DataPower Gateway		<10.5.4
IBM MQ 9.3 CD IBM / MQ	`cpe:/a:ibm:mq:9.3_cd`	9.3 CD
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
IBM DataPower Gateway <10.5.0.10 IBM / DataPower Gateway		<10.5.0.10
IBM MQ 9.1 LTS IBM / MQ	`cpe:/a:ibm:mq:9.1_lts`	9.1 LTS
IBM App Connect Enterprise <=11.0.0.25 IBM / App Connect Enterprise		<=11.0.0.25
IBM DataPower Gateway <10.0.1.18 IBM / DataPower Gateway		<10.0.1.18
IBM QRadar SIEM <7.5.0 UP8 IBM / QRadar SIEM		<7.5.0 UP8
IBM DataPower Gateway <10.5.0.15 IBM / DataPower Gateway		<10.5.0.15
IBM MQ 9.2 LTS IBM / MQ	`cpe:/a:ibm:mq:9.2_lts`	9.2 LTS
IBM Integration Bus <=10.1.0.3 IBM / Integration Bus		<=10.1.0.3
IBM DataPower Gateway <10.6.0.3 IBM / DataPower Gateway		<10.6.0.3
IBM MQ 9.0 LTS IBM / MQ	`cpe:/a:ibm:mq:9.0_lts`	9.0 LTS
IBM App Connect Enterprise IBM / App Connect Enterprise	`cpe:/a:ibm:app_connect_enterprise:-`	—
IBM DataPower Gateway <10.6.2 IBM / DataPower Gateway		<10.6.2
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
IBM Storage Scale IBM	`cpe:/a:ibm:spectrum_scale:-`	—
IBM MQ 9.3 LTS IBM / MQ	`cpe:/a:ibm:mq:9.3_lts`	9.3 LTS
IBM Business Automation Workflow IBM	`cpe:/a:ibm:business_automation_workflow:-`	—
IBM DB2 IBM	`cpe:/a:ibm:db2:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
IBM Power Hardware Management Console V10 IBM / Power Hardware Management Console	`cpe:/a:ibm:hardware_management_console:v10`	V10

References

19 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7123135	external
https://www.ibm.com/support/pages/node/7123136	external
https://www.ibm.com/support/pages/node/7123137	external
https://www.ibm.com/support/pages/node/7123138	external
https://www.ibm.com/support/pages/node/7123139	external
https://www.ibm.com/support/pages/node/7126571	external
https://www.ibm.com/support/pages/node/7129251	external
https://www.ibm.com/support/pages/node/7137570	external
https://www.ibm.com/support/pages/node/7138007	external
https://www.ibm.com/support/pages/node/7145367	external
https://www.ibm.com/support/pages/node/7145780	external
https://www.ibm.com/support/pages/node/7146478	external
https://www.ibm.com/support/pages/node/7114770	external
https://www.ibm.com/support/pages/node/7150144	external
https://www.ibm.com/support/pages/node/7150158	external
https://www.ibm.com/support/pages/node/7162189	external
https://www.ibm.com/support/pages/node/7178670	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM MQ ist eine Message Oriented Middleware von IBM.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0521 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0521.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0521 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0521"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7123135 vom 2024-02-29",
        "url": "https://www.ibm.com/support/pages/node/7123135"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7123136 vom 2024-02-29",
        "url": "https://www.ibm.com/support/pages/node/7123136"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7123137 vom 2024-02-29",
        "url": "https://www.ibm.com/support/pages/node/7123137"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7123138 vom 2024-02-29",
        "url": "https://www.ibm.com/support/pages/node/7123138"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7123139 vom 2024-02-29",
        "url": "https://www.ibm.com/support/pages/node/7123139"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7126571 vom 2024-02-29",
        "url": "https://www.ibm.com/support/pages/node/7126571"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7129251 vom 2024-03-01",
        "url": "https://www.ibm.com/support/pages/node/7129251"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7137570 vom 2024-03-12",
        "url": "https://www.ibm.com/support/pages/node/7137570"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7138007 vom 2024-03-12",
        "url": "https://www.ibm.com/support/pages/node/7138007"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7145367 vom 2024-03-27",
        "url": "https://www.ibm.com/support/pages/node/7145367"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7145780 vom 2024-04-03",
        "url": "https://www.ibm.com/support/pages/node/7145780"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7146478 vom 2024-04-04",
        "url": "https://www.ibm.com/support/pages/node/7146478"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7114770 vom 2024-05-01",
        "url": "https://www.ibm.com/support/pages/node/7114770"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7150144 vom 2024-05-03",
        "url": "https://www.ibm.com/support/pages/node/7150144"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7150158 vom 2024-05-03",
        "url": "https://www.ibm.com/support/pages/node/7150158"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7162189 vom 2024-08-01",
        "url": "https://www.ibm.com/support/pages/node/7162189"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7178670 vom 2024-12-13",
        "url": "https://www.ibm.com/support/pages/node/7178670"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM MQ: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-12-15T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-16T09:17:31.864+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-0521",
      "initial_release_date": "2024-02-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-03-03T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-04T23:00:00.000+00:00",
          "number": "3",
          "summary": "CVE-Zuordnung korrigiert"
        },
        {
          "date": "2024-03-11T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-12T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-03-27T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-02T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
        },
        {
          "date": "2024-04-04T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-01T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-02T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-05T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-08-01T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-12-15T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "13"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM App Connect Enterprise",
                "product": {
                  "name": "IBM App Connect Enterprise",
                  "product_id": "T032495",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:app_connect_enterprise:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=11.0.0.25",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c=11.0.0.25",
                  "product_id": "T033537"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=11.0.0.25",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c=11.0.0.25",
                  "product_id": "T033537-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=12.0.11.3",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c=12.0.11.3",
                  "product_id": "T033842"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=12.0.11.3",
                "product": {
                  "name": "IBM App Connect Enterprise \u003c=12.0.11.3",
                  "product_id": "T033842-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "App Connect Enterprise"
          },
          {
            "category": "product_name",
            "name": "IBM Business Automation Workflow",
            "product": {
              "name": "IBM Business Automation Workflow",
              "product_id": "T019704",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:business_automation_workflow:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "IBM DB2",
            "product": {
              "name": "IBM DB2",
              "product_id": "5104",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:db2:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.5.4",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.4",
                  "product_id": "T033810"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.4",
                "product": {
                  "name": "IBM DataPower Gateway 10.5.4",
                  "product_id": "T033810-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.5.0.10",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.0.10",
                  "product_id": "T033811"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.0.10",
                "product": {
                  "name": "IBM DataPower Gateway 10.5.0.10",
                  "product_id": "T033811-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.0.1.18",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.0.1.18",
                  "product_id": "T033812"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.1.18",
                "product": {
                  "name": "IBM DataPower Gateway 10.0.1.18",
                  "product_id": "T033812-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.6.2",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.6.2",
                  "product_id": "T039840"
                }
              },
              {
                "category": "product_version",
                "name": "10.6.2",
                "product": {
                  "name": "IBM DataPower Gateway 10.6.2",
                  "product_id": "T039840-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.6.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.6.0.3",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.6.0.3",
                  "product_id": "T039841"
                }
              },
              {
                "category": "product_version",
                "name": "10.6.0.3",
                "product": {
                  "name": "IBM DataPower Gateway 10.6.0.3",
                  "product_id": "T039841-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.5.0.15",
                "product": {
                  "name": "IBM DataPower Gateway \u003c10.5.0.15",
                  "product_id": "T039842"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.0.15",
                "product": {
                  "name": "IBM DataPower Gateway 10.5.0.15",
                  "product_id": "T039842-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.15"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "DataPower Gateway"
          },
          {
            "category": "product_name",
            "name": "IBM FlashSystem",
            "product": {
              "name": "IBM FlashSystem",
              "product_id": "T025159",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:flashsystem:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=10.1.0.3",
                "product": {
                  "name": "IBM Integration Bus \u003c=10.1.0.3",
                  "product_id": "T033332"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=10.1.0.3",
                "product": {
                  "name": "IBM Integration Bus \u003c=10.1.0.3",
                  "product_id": "T033332-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Integration Bus"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9.1 LTS",
                "product": {
                  "name": "IBM MQ 9.1 LTS",
                  "product_id": "T015789",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.1_lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.0 LTS",
                "product": {
                  "name": "IBM MQ 9.0 LTS",
                  "product_id": "T015792",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.0_lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.2 LTS",
                "product": {
                  "name": "IBM MQ 9.2 LTS",
                  "product_id": "T018186",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.2_lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.3 LTS",
                "product": {
                  "name": "IBM MQ 9.3 LTS",
                  "product_id": "T024689",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.3_lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.3 CD",
                "product": {
                  "name": "IBM MQ 9.3 CD",
                  "product_id": "T024690",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:9.3_cd"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Operator v3.1.0  CD",
                "product": {
                  "name": "IBM MQ Operator v3.1.0  CD",
                  "product_id": "T033202",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:operator_v3.1.0__cd"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Operator v2.0.19 LTS",
                "product": {
                  "name": "IBM MQ Operator v2.0.19 LTS",
                  "product_id": "T033203",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:operator_v2.0.19_lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Operator v2.4.8",
                "product": {
                  "name": "IBM MQ Operator v2.4.8",
                  "product_id": "T033204",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:mq:operator_v2.4.8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "MQ"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "V10",
                "product": {
                  "name": "IBM Power Hardware Management Console V10",
                  "product_id": "T023373",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:hardware_management_console:v10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Power Hardware Management Console"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP8",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP8",
                  "product_id": "T033681"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP8",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP8",
                  "product_id": "T033681-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          },
          {
            "category": "product_name",
            "name": "IBM SAN Volume Controller",
            "product": {
              "name": "IBM SAN Volume Controller",
              "product_id": "T002782",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:san_volume_controller:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "IBM Storage Scale",
            "product": {
              "name": "IBM Storage Scale",
              "product_id": "T019402",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:spectrum_scale:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "IBM Storwize",
            "product": {
              "name": "IBM Storwize",
              "product_id": "T021621",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:storwize:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2001-1550",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2001-1550"
    },
    {
      "cve": "CVE-2002-1711",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2002-1711"
    },
    {
      "cve": "CVE-2002-1713",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2002-1713"
    },
    {
      "cve": "CVE-2005-1941",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2005-1941"
    },
    {
      "cve": "CVE-2020-28241",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-28241"
    },
    {
      "cve": "CVE-2022-48468",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-48468"
    },
    {
      "cve": "CVE-2023-22081",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22081"
    },
    {
      "cve": "CVE-2023-39615",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-39615"
    },
    {
      "cve": "CVE-2023-39976",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-39976"
    },
    {
      "cve": "CVE-2023-4218",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-4218"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45287",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-45287"
    },
    {
      "cve": "CVE-2023-49568",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-49568"
    },
    {
      "cve": "CVE-2023-5072",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-5072"
    },
    {
      "cve": "CVE-2023-5676",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-5676"
    },
    {
      "cve": "CVE-2023-7104",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-7104"
    },
    {
      "cve": "CVE-2024-0553",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2024-0553"
    },
    {
      "cve": "CVE-2024-27255",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033810",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T018186",
          "T033332",
          "T024689",
          "T025159",
          "T023373",
          "T033204",
          "T033842",
          "T024690",
          "T033202",
          "T002782",
          "T033203",
          "T033681",
          "T039842",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T019704",
          "5104"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2024-27255"
    },
    {
      "cve": "CVE-2023-26159",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033842",
          "T033810",
          "T024690",
          "T002782",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T033681",
          "T039842",
          "T018186",
          "T033332",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T024689",
          "T019704",
          "5104",
          "T025159",
          "T023373"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2023-47745",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033842",
          "T033810",
          "T024690",
          "T002782",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T033681",
          "T039842",
          "T018186",
          "T033332",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T024689",
          "T019704",
          "5104",
          "T025159",
          "T023373"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-47745"
    },
    {
      "cve": "CVE-2024-25016",
      "notes": [
        {
          "category": "description",
          "text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T033842",
          "T033810",
          "T024690",
          "T002782",
          "T033811",
          "T015789",
          "T033537",
          "T033812",
          "T033681",
          "T039842",
          "T018186",
          "T033332",
          "T039841",
          "T015792",
          "T032495",
          "T039840",
          "T021621",
          "T019402",
          "T024689",
          "T019704",
          "5104",
          "T025159",
          "T023373"
        ]
      },
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2024-25016"
    }
  ]
}

WID-SEC-W-2024-0858

Vulnerability from csaf_certbund - Published: 2024-04-14 22:00 - Updated: 2024-11-20 23:00

Summary

IBM QRadar SIEM: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.

Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um Phishing-Angriffe durchzuführen, Sicherheitsmaßnahmen zu umgehen, beliebigen Code auszuführen oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme: - Linux

CVE-2023-26159

Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht in der Komponente "follow-redirects" aufgrund eines offenen Umleitungsproblems, das es ermöglicht, einen Benutzer auf beliebige Websites umzuleiten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Phishing-Angriff durchzuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM Deployment Intelligence App <3.0.14 IBM / QRadar SIEM		Deployment Intelligence App <3.0.14

CVE-2023-42282

Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht im Node.js IP-Paket aufgrund eines serverseitigen Request Forgery-Problems in der Funktion ip.isPublic(). Durch das Senden einer speziell gestalteten Anfrage, die eine hexadezimale Darstellung einer privaten IP-Adresse verwendet, kann ein Angreifer diese Schwachstelle ausnutzen, um beliebigen Code auf dem System auszuführen und vertrauliche Informationen offenzulegen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM Deployment Intelligence App <3.0.14 IBM / QRadar SIEM		Deployment Intelligence App <3.0.14

CVE-2023-44270

Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht in der Komponente PostCSS aufgrund einer unsachgemäßen Eingabevalidierung. Durch die Verwendung eines speziell gestalteten externen Cascading Style Sheets (CSS) kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM Deployment Intelligence App <3.0.14 IBM / QRadar SIEM		Deployment Intelligence App <3.0.14

CVE-2024-28849

Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht im Node.js-Modul "follow-redirects" aufgrund eines unzulässigen Autorisierungs-Header-Clearings. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM Deployment Intelligence App <3.0.14 IBM / QRadar SIEM		Deployment Intelligence App <3.0.14

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7148190	external
https://www.ibm.com/support/pages/node/7159781	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um Phishing-Angriffe durchzuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, beliebigen Code auszuf\u00fchren oder vertrauliche Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0858 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0858.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0858 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0858"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-04-14",
        "url": "https://www.ibm.com/support/pages/node/7148190"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7159781 vom 2024-07-08",
        "url": "https://www.ibm.com/support/pages/node/7159781"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM QRadar SIEM: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-20T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-21T09:04:22.276+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-0858",
      "initial_release_date": "2024-04-14T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-14T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-07-08T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "3",
          "summary": "Korrektur"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2.32.1",
                "product": {
                  "name": "IBM QRadar SIEM 2.32.1",
                  "product_id": "T034114",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:2.32.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Deployment Intelligence App \u003c3.0.14",
                "product": {
                  "name": "IBM QRadar SIEM Deployment Intelligence App \u003c3.0.14",
                  "product_id": "T035903"
                }
              },
              {
                "category": "product_version",
                "name": "Deployment Intelligence App 3.0.14",
                "product": {
                  "name": "IBM QRadar SIEM Deployment Intelligence App 3.0.14",
                  "product_id": "T035903-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:3.0.14::deployment_intelligence_app"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26159",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht in der Komponente \"follow-redirects\" aufgrund eines offenen Umleitungsproblems, das es erm\u00f6glicht, einen Benutzer auf beliebige Websites umzuleiten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Phishing-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T035903"
        ]
      },
      "release_date": "2024-04-14T22:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2023-42282",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht im Node.js IP-Paket aufgrund eines serverseitigen Request Forgery-Problems in der Funktion ip.isPublic(). Durch das Senden einer speziell gestalteten Anfrage, die eine hexadezimale Darstellung einer privaten IP-Adresse verwendet, kann ein Angreifer diese Schwachstelle ausnutzen, um beliebigen Code auf dem System auszuf\u00fchren und vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T035903"
        ]
      },
      "release_date": "2024-04-14T22:00:00.000+00:00",
      "title": "CVE-2023-42282"
    },
    {
      "cve": "CVE-2023-44270",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht in der Komponente PostCSS aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung. Durch die Verwendung eines speziell gestalteten externen Cascading Style Sheets (CSS) kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T035903"
        ]
      },
      "release_date": "2024-04-14T22:00:00.000+00:00",
      "title": "CVE-2023-44270"
    },
    {
      "cve": "CVE-2024-28849",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in IBM QRadar SIEM. Dieser Fehler besteht im Node.js-Modul \"follow-redirects\" aufgrund eines unzul\u00e4ssigen Autorisierungs-Header-Clearings. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T035903"
        ]
      },
      "release_date": "2024-04-14T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    }
  ]
}

WID-SEC-W-2024-1226

Vulnerability from csaf_certbund - Published: 2024-05-22 22:00 - Updated: 2025-11-18 23:00

Summary

Red Hat OpenShift: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren, einen Denial-of-Service-Zustand zu verursachen, beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, seine Privilegien zu erweitern oder um weitere nicht spezifizierte Angriffe auszuführen.

Betroffene Betriebssysteme: - Linux

CVE-2020-26555

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2021-25220

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2021-29390

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2021-43618

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-0480

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-2795

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-3094

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-38096

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-40090

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-45934

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-48554

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2022-48624

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-24023

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-25193

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-25775

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-26159

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-26364

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-28322

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-28464

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-28866

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-2975

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-31083

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-31122

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-3446

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-3567

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-3618

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-37453

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-3817

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-38469

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-38470

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-38471

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-38472

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-38473

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-38546

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-39189

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-39193

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-39194

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-39198

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-39326

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-40745

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-41175

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-4133

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-42754

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-42756

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-43785

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-43786

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-43787

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-43788

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-43789

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-4408

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45286

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45287

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45288

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45289

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45290

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45857

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-45863

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-46218

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-46862

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-47038

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-48631

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-50387

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-50868

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-51043

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-51779

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-51780

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52425

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52434

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52448

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52476

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52489

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52522

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52529

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52574

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52578

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52580

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52581

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52597

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52610

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-52620

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-5678

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6040

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6121

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6129

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6176

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6228

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6237

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6240

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6531

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6546

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6622

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6915

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6931

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-6932

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2023-7008

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-0565

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-0727

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-0841

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-1085

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-1086

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-1394

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-1488

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-21011

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-21012

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-21068

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-21085

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-21094

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-22365

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-24783

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-24784

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-24785

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-24786

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-25062

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-25742

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-25743

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26582

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26583

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26584

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26585

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26586

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26593

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26602

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26609

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-26633

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-27316

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-28834

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-28835

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-28849

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-29180

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-2961

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-33599

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-33600

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-33601

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

CVE-2024-33602

Affected products

Known affected 26 products

Product	Identifier	Version
Red Hat OpenShift GitOps 1.12 Red Hat / OpenShift	`cpe:/a:redhat:openshift:gitops_1.12`	GitOps 1.12
Red Hat OpenShift CodeReady Workspaces Red Hat / OpenShift	`cpe:/a:redhat:openshift:codeready_workspaces`	CodeReady Workspaces
Red Hat Enterprise Linux 9 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9`	9
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.12.72 Red Hat / OpenShift		Container Platform <4.12.72
Red Hat OpenShift Red Hat / OpenShift	`cpe:/a:redhat:openshift:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
Red Hat OpenShift Migration Toolkit for Applications <7.0.3 Red Hat / OpenShift		Migration Toolkit for Applications <7.0.3
Red Hat OpenShift Network Observability 1.6 Red Hat / OpenShift	`cpe:/a:redhat:openshift:network_observability_1.6`	Network Observability 1.6
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Data Foundation <4.14.13 Red Hat / OpenShift		Data Foundation <4.14.13
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Serverless Logic <1.35.0 Red Hat / OpenShift		Serverless Logic <1.35.0
Atlassian Bitbucket <9.4.13 (LTS) Atlassian / Bitbucket		<9.4.13 (LTS)
Atlassian Bitbucket <8.19.25 (LTS) Atlassian / Bitbucket		<8.19.25 (LTS)
Atlassian Bitbucket <10.0.2 Atlassian / Bitbucket		<10.0.2
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.16.8 Red Hat / OpenShift		Container Platform <4.16.8
Red Hat OpenShift for Windows Containers <10.15.3 Red Hat / OpenShift		for Windows Containers <10.15.3
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Custom Metric Autoscaler 2 Red Hat / OpenShift	`cpe:/a:redhat:openshift:custom_metric_autoscaler_2`	Custom Metric Autoscaler 2
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Red Hat OpenShift GitOps <1.15.2 Red Hat / OpenShift		GitOps <1.15.2

References

49 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2024:2874	external
https://access.redhat.com/errata/RHSA-2024:2929	external
https://access.redhat.com/errata/RHSA-2024:2930	external
https://access.redhat.com/errata/RHSA-2024:2932	external
https://access.redhat.com/errata/RHSA-2024:2933	external
https://access.redhat.com/errata/RHSA-2024:3316	external
https://access.redhat.com/errata/RHSA-2024:2901	external
https://access.redhat.com/errata/RHSA-2024:3473	external
https://access.redhat.com/errata/RHSA-2024:3790	external
https://access.redhat.com/errata/RHSA-2024:3715	external
https://access.redhat.com/errata/RHSA-2024:3314	external
https://access.redhat.com/errata/RHSA-2024:3919	external
https://errata.build.resf.org/RLSA-2024:3830	external
https://errata.build.resf.org/RLSA-2024:3827	external
https://access.redhat.com/errata/RHSA-2024:3868	external
https://errata.build.resf.org/RLSA-2024:3826	external
https://access.redhat.com/errata/RHSA-2024:3889	external
https://access.redhat.com/errata/RHSA-2024:3989	external
https://access.redhat.com/errata/RHSA-2024:4163	external
https://access.redhat.com/errata/RHSA-2024:3637	external
https://access.redhat.com/errata/RHSA-2024:1616	external
https://access.redhat.com/errata/RHSA-2024:3617	external
https://access.redhat.com/errata/RHSA-2024:4269	external
https://access.redhat.com/errata/RHSA-2024:4553	external
https://access.redhat.com/errata/RHSA-2024:4699	external
https://access.redhat.com/errata/RHSA-2024:4455	external
https://alas.aws.amazon.com/AL2/ALASDOCKER-2024-0…	external
https://access.redhat.com/errata/RHSA-2024:5422	external
https://access.redhat.com/errata/RHSA-2024:5745	external
https://access.redhat.com/errata/RHSA-2024:6667	external
https://access.redhat.com/errata/RHSA-2024:6755	external
https://access.redhat.com/errata/RHSA-2024:7164	external
https://access.redhat.com/errata/RHSA-2024:7184	external
https://access.redhat.com/errata/RHSA-2024:8318	external
https://access.redhat.com/errata/RHSA-2024:8676	external
https://access.redhat.com/errata/RHSA-2024:8677	external
https://access.redhat.com/errata/RHSA-2024:8688	external
https://access.redhat.com/errata/RHSA-2024:8692	external
https://access.redhat.com/errata/RHSA-2024:9088	external
https://ubuntu.com/security/notices/USN-7121-2	external
https://access.redhat.com/errata/RHSA-2025:0164	external
https://access.redhat.com/errata/RHSA-2025:0323	external
https://access.redhat.com/errata/RHSA-2025:0664	external
https://access.redhat.com/errata/RHSA-2025:0832	external
https://access.redhat.com/errata/RHSA-2025:2876	external
https://access.redhat.com/errata/RHSA-2025:7753	external
https://confluence.atlassian.com/security/securit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Dateien zu manipulieren, einen Denial-of-Service-Zustand zu verursachen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen offenzulegen,  seine Privilegien zu erweitern oder  um weitere nicht spezifizierte Angriffe auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1226 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1226.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1226 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1226"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2874 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2874"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2929 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2929"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2930 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2930"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2932 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2932"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2933 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:2933"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2874 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3316"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:2901 vom 2024-05-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:2901"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3473 vom 2024-05-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:3473"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3790 vom 2024-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:3790"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3715 vom 2024-06-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:3715"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3314 vom 2024-06-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:3314"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory",
        "url": "https://access.redhat.com/errata/RHSA-2024:3919"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3830 vom 2024-06-14",
        "url": "https://errata.build.resf.org/RLSA-2024:3830"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3827 vom 2024-06-14",
        "url": "https://errata.build.resf.org/RLSA-2024:3827"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3868 vom 2024-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:3868"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3826 vom 2024-06-14",
        "url": "https://errata.build.resf.org/RLSA-2024:3826"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3889 vom 2024-06-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:3889"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3989 vom 2024-06-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:3989"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4163 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:4163"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3637 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:3637"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1616 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:1616"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3617 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:3617"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4269 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4269"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4553 vom 2024-07-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:4553"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4699 vom 2024-07-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:4699"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4455 vom 2024-07-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:4455"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASDOCKER-2024-041 vom 2024-08-13",
        "url": "https://alas.aws.amazon.com/AL2/ALASDOCKER-2024-041.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5422 vom 2024-08-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:5422"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5745 vom 2024-08-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:5745"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6667 vom 2024-09-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:6667"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6755 vom 2024-09-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:6755"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7164 vom 2024-09-26",
        "url": "https://access.redhat.com/errata/RHSA-2024:7164"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7184 vom 2024-10-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:7184"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8318 vom 2024-10-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:8318"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:8676"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8677 vom 2024-10-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:8677"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8688 vom 2024-11-06",
        "url": "https://access.redhat.com/errata/RHSA-2024:8688"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8692 vom 2024-11-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:8692"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9088 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9088"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7121-2 vom 2024-11-20",
        "url": "https://ubuntu.com/security/notices/USN-7121-2"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0164 vom 2025-01-09",
        "url": "https://access.redhat.com/errata/RHSA-2025:0164"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0323 vom 2025-01-15",
        "url": "https://access.redhat.com/errata/RHSA-2025:0323"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0664 vom 2025-01-23",
        "url": "https://access.redhat.com/errata/RHSA-2025:0664"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:0832 vom 2025-02-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:0832"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2876 vom 2025-03-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:2876"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:7753 vom 2025-05-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:7753"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin - November 18 2025",
        "url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-18T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-19T09:42:49.985+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2024-1226",
      "initial_release_date": "2024-05-22T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-22T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-05-23T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-10T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-13T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-16T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
        },
        {
          "date": "2024-06-18T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-19T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-30T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-25T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-29T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-13T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-08-20T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-21T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-12T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-18T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-25T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-23T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-30T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-06T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-01-08T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-14T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-23T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-05T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-03-16T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-05-15T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-11-18T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "34"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket \u003c10.0.2",
                  "product_id": "T048675"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.2",
                "product": {
                  "name": "Atlassian Bitbucket 10.0.2",
                  "product_id": "T048675-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
                  "product_id": "T048676"
                }
              },
              {
                "category": "product_version",
                "name": "8.19.25 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 8.19.25 (LTS)",
                  "product_id": "T048676-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
                  "product_id": "T048677"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.13 (LTS)",
                "product": {
                  "name": "Atlassian Bitbucket 9.4.13 (LTS)",
                  "product_id": "T048677-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Bitbucket"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Advanced Cluster Security for Kubernetes 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
                  "product_id": "T033787",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "T035142",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "Red Hat Enterprise Linux 9",
                  "product_id": "T038901",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Secondary Scheduler Operator",
                "product": {
                  "name": "Red Hat OpenShift Secondary Scheduler Operator",
                  "product_id": "T027759",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:::secondary_scheduler_operator"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Kube Descheduler Operator 5",
                "product": {
                  "name": "Red Hat OpenShift Kube Descheduler Operator 5",
                  "product_id": "T033270",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:kube_descheduler_operator_5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat OpenShift",
                "product": {
                  "name": "Red Hat OpenShift",
                  "product_id": "T035034",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Migration Toolkit for Applications \u003c7.0.3",
                "product": {
                  "name": "Red Hat OpenShift Migration Toolkit for Applications \u003c7.0.3",
                  "product_id": "T035036"
                }
              },
              {
                "category": "product_version",
                "name": "Migration Toolkit for Applications 7.0.3",
                "product": {
                  "name": "Red Hat OpenShift Migration Toolkit for Applications 7.0.3",
                  "product_id": "T035036-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:migration_toolkit_for_applications__7.0.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Custom Metric Autoscaler 2",
                "product": {
                  "name": "Red Hat OpenShift Custom Metric Autoscaler 2",
                  "product_id": "T035047",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:custom_metric_autoscaler_2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Network Observability 1.6",
                "product": {
                  "name": "Red Hat OpenShift Network Observability 1.6",
                  "product_id": "T035431",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:network_observability_1.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "GitOps 1.12",
                "product": {
                  "name": "Red Hat OpenShift GitOps 1.12",
                  "product_id": "T035679",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:gitops_1.12"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Run Once Duration Override Operator 1",
                "product": {
                  "name": "Red Hat OpenShift Run Once Duration Override Operator 1",
                  "product_id": "T035698",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:run_once_duration_override_operator_1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.8",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.8",
                  "product_id": "T036959"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.8",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.8",
                  "product_id": "T036959-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "for Windows Containers \u003c10.15.3",
                "product": {
                  "name": "Red Hat OpenShift for Windows Containers \u003c10.15.3",
                  "product_id": "T036993"
                }
              },
              {
                "category": "product_version",
                "name": "for Windows Containers 10.15.3",
                "product": {
                  "name": "Red Hat OpenShift for Windows Containers 10.15.3",
                  "product_id": "T036993-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:for_windows_containers__10.15.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "CodeReady Workspaces",
                "product": {
                  "name": "Red Hat OpenShift CodeReady Workspaces",
                  "product_id": "T037618",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:codeready_workspaces"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.14.38",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.14.38",
                  "product_id": "T037940"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.14.38",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.14.38",
                  "product_id": "T037940-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.38"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Foundation \u003c4.14.13",
                "product": {
                  "name": "Red Hat OpenShift Data Foundation \u003c4.14.13",
                  "product_id": "T040215"
                }
              },
              {
                "category": "product_version",
                "name": "Data Foundation 4.14.13",
                "product": {
                  "name": "Red Hat OpenShift Data Foundation 4.14.13",
                  "product_id": "T040215-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:data_foundation__4.14.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Serverless Logic \u003c1.35.0",
                "product": {
                  "name": "Red Hat OpenShift Serverless Logic \u003c1.35.0",
                  "product_id": "T040597"
                }
              },
              {
                "category": "product_version",
                "name": "Serverless Logic 1.35.0",
                "product": {
                  "name": "Red Hat OpenShift Serverless Logic 1.35.0",
                  "product_id": "T040597-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:serverless_logic__1.35.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.12.72",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.12.72",
                  "product_id": "T040822"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.12.72",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.12.72",
                  "product_id": "T040822-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.72"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "GitOps \u003c1.15.2",
                "product": {
                  "name": "Red Hat OpenShift GitOps \u003c1.15.2",
                  "product_id": "T043834"
                }
              },
              {
                "category": "product_version",
                "name": "GitOps 1.15.2",
                "product": {
                  "name": "Red Hat OpenShift GitOps 1.15.2",
                  "product_id": "T043834-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:gitops__1.15.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-26555",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2020-26555"
    },
    {
      "cve": "CVE-2021-25220",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2021-25220"
    },
    {
      "cve": "CVE-2021-29390",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2021-29390"
    },
    {
      "cve": "CVE-2021-43618",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2021-43618"
    },
    {
      "cve": "CVE-2022-0480",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-0480"
    },
    {
      "cve": "CVE-2022-2795",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-2795"
    },
    {
      "cve": "CVE-2022-3094",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-3094"
    },
    {
      "cve": "CVE-2022-38096",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-38096"
    },
    {
      "cve": "CVE-2022-40090",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-40090"
    },
    {
      "cve": "CVE-2022-45934",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-45934"
    },
    {
      "cve": "CVE-2022-48554",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-48554"
    },
    {
      "cve": "CVE-2022-48624",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2022-48624"
    },
    {
      "cve": "CVE-2023-24023",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-24023"
    },
    {
      "cve": "CVE-2023-25193",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-25193"
    },
    {
      "cve": "CVE-2023-25775",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-25775"
    },
    {
      "cve": "CVE-2023-26159",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2023-26364",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-26364"
    },
    {
      "cve": "CVE-2023-28322",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-28322"
    },
    {
      "cve": "CVE-2023-28464",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-28464"
    },
    {
      "cve": "CVE-2023-28866",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-28866"
    },
    {
      "cve": "CVE-2023-2975",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-2975"
    },
    {
      "cve": "CVE-2023-31083",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-31083"
    },
    {
      "cve": "CVE-2023-31122",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-31122"
    },
    {
      "cve": "CVE-2023-3446",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-3446"
    },
    {
      "cve": "CVE-2023-3567",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-3567"
    },
    {
      "cve": "CVE-2023-3618",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-3618"
    },
    {
      "cve": "CVE-2023-37453",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-37453"
    },
    {
      "cve": "CVE-2023-3817",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-3817"
    },
    {
      "cve": "CVE-2023-38469",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-38469"
    },
    {
      "cve": "CVE-2023-38470",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-38470"
    },
    {
      "cve": "CVE-2023-38471",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-38471"
    },
    {
      "cve": "CVE-2023-38472",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-38472"
    },
    {
      "cve": "CVE-2023-38473",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-38473"
    },
    {
      "cve": "CVE-2023-38546",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-38546"
    },
    {
      "cve": "CVE-2023-39189",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-39189"
    },
    {
      "cve": "CVE-2023-39193",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-39193"
    },
    {
      "cve": "CVE-2023-39194",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-39194"
    },
    {
      "cve": "CVE-2023-39198",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-39198"
    },
    {
      "cve": "CVE-2023-39326",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-39326"
    },
    {
      "cve": "CVE-2023-40745",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-40745"
    },
    {
      "cve": "CVE-2023-41175",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-41175"
    },
    {
      "cve": "CVE-2023-4133",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-4133"
    },
    {
      "cve": "CVE-2023-42754",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-42754"
    },
    {
      "cve": "CVE-2023-42756",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-42756"
    },
    {
      "cve": "CVE-2023-43785",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-43785"
    },
    {
      "cve": "CVE-2023-43786",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-43786"
    },
    {
      "cve": "CVE-2023-43787",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-43787"
    },
    {
      "cve": "CVE-2023-43788",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-43788"
    },
    {
      "cve": "CVE-2023-43789",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-43789"
    },
    {
      "cve": "CVE-2023-4408",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-4408"
    },
    {
      "cve": "CVE-2023-45286",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45286"
    },
    {
      "cve": "CVE-2023-45287",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45287"
    },
    {
      "cve": "CVE-2023-45288",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45288"
    },
    {
      "cve": "CVE-2023-45289",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45289"
    },
    {
      "cve": "CVE-2023-45290",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45290"
    },
    {
      "cve": "CVE-2023-45857",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45857"
    },
    {
      "cve": "CVE-2023-45863",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-46218",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-46218"
    },
    {
      "cve": "CVE-2023-46862",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-46862"
    },
    {
      "cve": "CVE-2023-47038",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-47038"
    },
    {
      "cve": "CVE-2023-48631",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-48631"
    },
    {
      "cve": "CVE-2023-50387",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-50387"
    },
    {
      "cve": "CVE-2023-50868",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-50868"
    },
    {
      "cve": "CVE-2023-51043",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-51043"
    },
    {
      "cve": "CVE-2023-51779",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-51779"
    },
    {
      "cve": "CVE-2023-51780",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-51780"
    },
    {
      "cve": "CVE-2023-52425",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52434",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52434"
    },
    {
      "cve": "CVE-2023-52448",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52448"
    },
    {
      "cve": "CVE-2023-52476",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52476"
    },
    {
      "cve": "CVE-2023-52489",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52489"
    },
    {
      "cve": "CVE-2023-52522",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52522"
    },
    {
      "cve": "CVE-2023-52529",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52529"
    },
    {
      "cve": "CVE-2023-52574",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52574"
    },
    {
      "cve": "CVE-2023-52578",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52578"
    },
    {
      "cve": "CVE-2023-52580",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52580"
    },
    {
      "cve": "CVE-2023-52581",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52581"
    },
    {
      "cve": "CVE-2023-52597",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52597"
    },
    {
      "cve": "CVE-2023-52610",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52610"
    },
    {
      "cve": "CVE-2023-52620",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-52620"
    },
    {
      "cve": "CVE-2023-5678",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-6040",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6040"
    },
    {
      "cve": "CVE-2023-6121",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6121"
    },
    {
      "cve": "CVE-2023-6129",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2023-6176",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6176"
    },
    {
      "cve": "CVE-2023-6228",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6228"
    },
    {
      "cve": "CVE-2023-6237",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6237"
    },
    {
      "cve": "CVE-2023-6240",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6240"
    },
    {
      "cve": "CVE-2023-6531",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6531"
    },
    {
      "cve": "CVE-2023-6546",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6546"
    },
    {
      "cve": "CVE-2023-6622",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6622"
    },
    {
      "cve": "CVE-2023-6915",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6915"
    },
    {
      "cve": "CVE-2023-6931",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6931"
    },
    {
      "cve": "CVE-2023-6932",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-6932"
    },
    {
      "cve": "CVE-2023-7008",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2023-7008"
    },
    {
      "cve": "CVE-2024-0565",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-0565"
    },
    {
      "cve": "CVE-2024-0727",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-0727"
    },
    {
      "cve": "CVE-2024-0841",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-0841"
    },
    {
      "cve": "CVE-2024-1085",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-1085"
    },
    {
      "cve": "CVE-2024-1086",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-1086"
    },
    {
      "cve": "CVE-2024-1394",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-1394"
    },
    {
      "cve": "CVE-2024-1488",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-1488"
    },
    {
      "cve": "CVE-2024-21011",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-21011"
    },
    {
      "cve": "CVE-2024-21012",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-21012"
    },
    {
      "cve": "CVE-2024-21068",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-21068"
    },
    {
      "cve": "CVE-2024-21085",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-21085"
    },
    {
      "cve": "CVE-2024-21094",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-21094"
    },
    {
      "cve": "CVE-2024-22365",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-22365"
    },
    {
      "cve": "CVE-2024-24783",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-24783"
    },
    {
      "cve": "CVE-2024-24784",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-24784"
    },
    {
      "cve": "CVE-2024-24785",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-24785"
    },
    {
      "cve": "CVE-2024-24786",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-24786"
    },
    {
      "cve": "CVE-2024-25062",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25742",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-25742"
    },
    {
      "cve": "CVE-2024-25743",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-25743"
    },
    {
      "cve": "CVE-2024-26582",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26582"
    },
    {
      "cve": "CVE-2024-26583",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26583"
    },
    {
      "cve": "CVE-2024-26584",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26584"
    },
    {
      "cve": "CVE-2024-26585",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26585"
    },
    {
      "cve": "CVE-2024-26586",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26586"
    },
    {
      "cve": "CVE-2024-26593",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26593"
    },
    {
      "cve": "CVE-2024-26602",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26602"
    },
    {
      "cve": "CVE-2024-26609",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26609"
    },
    {
      "cve": "CVE-2024-26633",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-26633"
    },
    {
      "cve": "CVE-2024-27316",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-27316"
    },
    {
      "cve": "CVE-2024-28834",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-28834"
    },
    {
      "cve": "CVE-2024-28835",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-28835"
    },
    {
      "cve": "CVE-2024-28849",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29180",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-29180"
    },
    {
      "cve": "CVE-2024-2961",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-2961"
    },
    {
      "cve": "CVE-2024-33599",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-33599"
    },
    {
      "cve": "CVE-2024-33600",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-33600"
    },
    {
      "cve": "CVE-2024-33601",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-33601"
    },
    {
      "cve": "CVE-2024-33602",
      "product_status": {
        "known_affected": [
          "T035679",
          "T037618",
          "T038901",
          "67646",
          "T040822",
          "T035034",
          "T035698",
          "T035036",
          "T035431",
          "T027759",
          "T033270",
          "T040215",
          "398363",
          "T040597",
          "T048677",
          "T048676",
          "T048675",
          "T033787",
          "T036959",
          "T036993",
          "T037940",
          "T035142",
          "T032255",
          "T035047",
          "T000126",
          "T043834"
        ]
      },
      "release_date": "2024-05-22T22:00:00.000+00:00",
      "title": "CVE-2024-33602"
    }
  ]
}

WID-SEC-W-2024-3344

Vulnerability from csaf_certbund - Published: 2024-11-05 23:00 - Updated: 2024-12-18 23:00

Summary

HCL BigFix WebUI: Mehrere Open Source Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: BigFix ist eine Lösung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HCL BigFix WebU ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.

Betroffene Betriebssysteme: - Linux - Sonstiges - UNIX - Windows

CVE-2023-26159

In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und die Integrität zu gefährden.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2023-45857

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-21501

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-33883

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-35255

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-38996

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-43796

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-43799

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-43800

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-45296

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-45590

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-8372

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

CVE-2024-8373

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
HCL BigFix Server Automation HCL / BigFix	`cpe:/a:hcltech:bigfix:server_automation`	Server Automation
HCL BigFix HCL / BigFix	`cpe:/a:hcltech:bigfix:webui`	—

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.hcl-software.com/community?id=com…	external
https://support.hcl-software.com/community?id=com…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HCL BigFix WebU ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3344 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3344.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3344 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3344"
      },
      {
        "category": "external",
        "summary": "HCL BigFix Security Advisory vom 2024-11-05",
        "url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=e8e9f77b936dd6100dddf87d1dba103d"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2024-12-18",
        "url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=1af3c435fb2216d0db10f2797befdc15"
      }
    ],
    "source_lang": "en-US",
    "title": "HCL BigFix WebUI: Mehrere Open Source Schwachstellen",
    "tracking": {
      "current_release_date": "2024-12-18T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-19T09:12:54.292+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-3344",
      "initial_release_date": "2024-11-05T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-05T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-12-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HCL BigFix",
                "product": {
                  "name": "HCL BigFix",
                  "product_id": "T036098",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:bigfix:webui"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Server Automation",
                "product": {
                  "name": "HCL BigFix Server Automation",
                  "product_id": "T039915",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:bigfix:server_automation"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BigFix"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26159",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2023-45857",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2023-45857"
    },
    {
      "cve": "CVE-2024-21501",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-21501"
    },
    {
      "cve": "CVE-2024-33883",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-33883"
    },
    {
      "cve": "CVE-2024-35255",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-35255"
    },
    {
      "cve": "CVE-2024-38996",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-38996"
    },
    {
      "cve": "CVE-2024-43796",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-43796"
    },
    {
      "cve": "CVE-2024-43799",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-43799"
    },
    {
      "cve": "CVE-2024-43800",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-43800"
    },
    {
      "cve": "CVE-2024-45296",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-45296"
    },
    {
      "cve": "CVE-2024-45590",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-45590"
    },
    {
      "cve": "CVE-2024-8372",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-8372"
    },
    {
      "cve": "CVE-2024-8373",
      "notes": [
        {
          "category": "description",
          "text": "In HCL BigFix existieren mehrere Schwachstellen in mehreren Third Party Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und die Integrit\u00e4t zu gef\u00e4hrden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039915",
          "T036098"
        ]
      },
      "release_date": "2024-11-05T23:00:00.000+00:00",
      "title": "CVE-2024-8373"
    }
  ]
}

WID-SEC-W-2025-0010

Vulnerability from csaf_certbund - Published: 2025-01-05 23:00 - Updated: 2025-01-05 23:00

Summary

HCL BigFix Server Automation: Mehrere Schwachstellen

Severity

Mittel

Notes

Produktbeschreibung: BigFix ist eine Lösung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HCL BigFix Server Automation ausnutzen, um Dateien zu manipulieren, vertrauliche Informationen preiszugeben und Phishing-Angriffe durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2023-26159

Es besteht eine Schwachstelle in HCL BigFix Server Automation. Die Schwachstelle besteht in der follow-redirects Bibliothek aufgrund einer unsachgemäßen Eingabevalidierung bei der Behandlung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Hostnamen über speziell gestaltete Eingaben zu manipulieren, wenn "new URL()" fehlschlägt. Dadurch kann der Datenverkehr auf bösartige Websites umgeleitet werden, was zu Phishing-Angriffen, der Offenlegung von Informationen oder anderen Sicherheitsverletzungen führen kann. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, das Opfer muss dem manipulierten Link folgen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
HCL BigFix Server Automation <9.5.70 HCL / BigFix		Server Automation <9.5.70

CVE-2024-28849

Es besteht eine Schwachstelle in HCL BigFix Server Automation. Der Fehler besteht aufgrund der unsachgemäßen Löschung des Proxy-Authentifizierungs-Headers bei domänenübergreifenden Umleitungen im Paket follow-redirects, was zur Preisgabe von Anmeldeinformationen führt. Ein anonymer, entfernter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
HCL BigFix Server Automation <9.5.70 HCL / BigFix		Server Automation <9.5.70

CVE-2024-29041

Es besteht eine Schwachstelle in HCL BigFix Server Automation. Diese Schwachstelle besteht aufgrund einer offenen Redirect-Schwachstelle in Express.js, die auf eine fehlerhafte URL-Behandlung zurückzuführen ist, die eine ordnungsgemäß implementierte Genehmigungsliste umgeht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Phishing-Angriff durchzuführen.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
HCL BigFix Server Automation <9.5.70 HCL / BigFix		Server Automation <9.5.70

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.hcl-software.com/csm?id=kb_articl…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HCL BigFix Server Automation ausnutzen, um Dateien zu manipulieren, vertrauliche Informationen preiszugeben und Phishing-Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0010 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0010.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0010 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0010"
      },
      {
        "category": "external",
        "summary": "HCL Security Bulletin vom 2025-01-05",
        "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0118216"
      }
    ],
    "source_lang": "en-US",
    "title": "HCL BigFix Server Automation: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-05T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-06T10:32:20.257+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0010",
      "initial_release_date": "2025-01-05T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-01-05T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Server Automation \u003c9.5.70",
                "product": {
                  "name": "HCL BigFix Server Automation \u003c9.5.70",
                  "product_id": "T040006"
                }
              },
              {
                "category": "product_version",
                "name": "Server Automation  9.5.70",
                "product": {
                  "name": "HCL BigFix Server Automation  9.5.70",
                  "product_id": "T040006-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:bigfix:server_automation___9.5.70"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BigFix"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26159",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in HCL BigFix Server Automation. Die Schwachstelle besteht in der follow-redirects Bibliothek aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung bei der Behandlung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Hostnamen \u00fcber speziell gestaltete Eingaben zu manipulieren, wenn \"new URL()\" fehlschl\u00e4gt. Dadurch kann der Datenverkehr auf b\u00f6sartige Websites umgeleitet werden, was zu Phishing-Angriffen, der Offenlegung von Informationen oder anderen Sicherheitsverletzungen f\u00fchren kann. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion, das Opfer muss dem manipulierten Link folgen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040006"
        ]
      },
      "release_date": "2025-01-05T23:00:00.000+00:00",
      "title": "CVE-2023-26159"
    },
    {
      "cve": "CVE-2024-28849",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in HCL BigFix Server Automation. Der Fehler besteht aufgrund der unsachgem\u00e4\u00dfen L\u00f6schung des Proxy-Authentifizierungs-Headers bei dom\u00e4nen\u00fcbergreifenden Umleitungen im Paket follow-redirects, was zur Preisgabe von Anmeldeinformationen f\u00fchrt. Ein anonymer, entfernter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen preiszugeben."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040006"
        ]
      },
      "release_date": "2025-01-05T23:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29041",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in HCL BigFix Server Automation. Diese Schwachstelle besteht aufgrund einer offenen Redirect-Schwachstelle in Express.js, die auf eine fehlerhafte URL-Behandlung zur\u00fcckzuf\u00fchren ist, die eine ordnungsgem\u00e4\u00df implementierte Genehmigungsliste umgeht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Phishing-Angriff durchzuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040006"
        ]
      },
      "release_date": "2025-01-05T23:00:00.000+00:00",
      "title": "CVE-2024-29041"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-26159 (GCVE-0-2023-26159)

Tags

Sightings

Nomenclature